Cloud company, Akamai Technologies has released a new State of the Internet report which found that the use of zero-day and one-day vulnerabilities has led to a 204% increase in total ransomware victims between Q1 2022 and Q1 2023 in Asia Pacific and Japan (APJ).

The report also found that ransomware groups increasingly target the exfiltration of files, the unauthorised extraction or transfer of sensitive information, which has become the primary source of extortion. This new tactic indicates file backup solutions are no longer a sufficient strategy.

Essential infrastructure in the region is being actively targeted, as the top five critical industries in APJ that have been attacked by ransomware and are at further risk are manufacturing, business services, construction, retail, as well as energy, utilities, and telecommunications.

The spike in ransomware attacks is due to adversaries shifting the emphasis of their modus operandi from phishing to vulnerability abuse to exploit unknown security threats and infiltrate business internal networks to deploy ransomware.

Lockbit is the most prevalent ransomware in each industry in APJ, accounting for 60% of attacks in manufacturing, 55.8% in business services, 57.7% in construction, 45.8% in retail, and 28.6% in energy.

The report also found that the majority of ransomware victims in APJ are small-to-medium sized enterprises (SMEs) with a reported revenue of up to US$50 million (A$78 million). Victims of multiple ransomware attacks were more than six times more likely to experience the second attack within three months of the first attack.

“Adversaries behind ransomware attacks continue to evolve their techniques and strategies striking at the heart of organisations by exfiltrating their critical and sensitive information. It’s imperative that both the private and public sectors across APJ strengthen collaboration to help organisations defend against ever-growing ransomware threats,” Akamai director of security technology and strategy, Dean Houari said.

“Businesses – especially SMEs in APJ – must work to adopt a zero-trust architecture starting with software defined micro segmentation in order to effectively mitigate ever evolving cyberattacks as well as Ransomware-as-a-Service. By doing so, they can successfully protect their critical assets, business reputation, and ensure business continuity regardless of the type of attack tool deployed by cybercriminal gangs.”