ArrowArtboardCreated with Sketch.Title ChevronTitle ChevronEye IconIcon FacebookIcon LinkedinIcon Mail ContactPath LayerIcon MailPositive ArrowIcon PrintTitle ChevronIcon Twitter
Business trends

Cyberattack damage limited this time but Asia vulnerable

Experts warn the region could pay for a lack of investment in security

TOKYO -- A global cyberattack that has swept Europe and the U.S. in the past several days has landed on Asian shores, inflicting limited damage. But experts warn Asian companies are more vulnerable in terms of cybersecurity and could be hit harder in future strikes.

The latest attack, thought to be caused by malware called "Petya," was centered on Europe. Most Asian companies and government bodies remained unaffected, but there has been some fallout.

In India, operations were disrupted at the country's largest container port, Jawaharlal Nehru Port Trust, after its private-sector terminal operator, APM Maersk, was affected by the cyberattack, according to statement released Wednesday by India's Ministry of Shipping.

Maersk confirmed on its website the same day that "a number of IT systems are deliberately shut down across multiple sites and select business units," and that "business continuity plans are being implemented and prioritized."

In Australia's island state of Tasmania, production at a Cadbury chocolate factory was halted after its parent company, Mondelez International, was struck by the malware. "We continue to work quickly to address the current global IT outage across Mondelez International, and to contain any further exposure to our network," the company said in a statement

An Australian employee with global law firm DLA Piper was also hit, according to several media outlets.

Ground zero: Ukraine and Russia

Reports suggest many of the companies affected in Asia are local arms of European and American companies. The epicenter of the attack was in Russia and Ukraine.

"To date, Ukraine is the country with the largest number of affected users, and there are signs that the infection started in Ukraine," a spokesman for Russian securities company Kaspersky told the Nikkei Asian Review. "The distribution points for the malware was the Ukrainian software company MeDoc," the spokesman said, adding that MeDoc's website was hacked, and its users received a malicious automated update.

U.S. network security specialist Symantec said the latest attack uses "a new strain of the 'Petya' ransomware," similar to the "WannaCry" malware used in a global cyberattack in May. Like "WannaCry," "Petya" encrypts files on the affected computer, then sends out a demand for payment in cryptocurrency to unlock the files. In the latest attack, those infected are being told to pay $300 in Bitcoin.

However, some security experts have pointed out that this attack is a "wiper," designed to destroy and damage the files, as opposed to "ransomware," where the aim is to make money.

Despite the limited damage in Asia, experts warn that companies in the region are more vulnerable to cyberattacks than other parts of the world. According to a report by the U.S. security company FireEye, the median time between a security breach and its discovery in the Asia-Pacific region in 2016 was 172 days, significantly longer than the global medianof 99 days.

"APAC continues to have one of the highest dwell times for adversaries because of the basic lack of investment in security," the report said, adding that Asia's financial services sector was a "top target for cybercriminals and nation-state actors from around the world."

That spells trouble in the region as cybercriminals are becoming more cunning by the day.

Shohei Daido, a researcher at Japan's Information-Technology Promotion Agency, said the recent attacks appeared to be more sophisticated than the May attacks. "'WannaCry' was sloppier. ... Encryption [of the files] was incomplete, and it couldn't spread to other computers as programmed," Daido said. "This latest attack seems to have properly encrypted the files."

Sponsored Content

About Sponsored Content This content was commissioned by Nikkei's Global Business Bureau.

You have {{numberArticlesLeft}} free article{{numberArticlesLeft-plural}} left this monthThis is your last free article this month

Stay ahead with our exclusives on Asia;
the most dynamic market in the world.

Stay ahead with our exclusives on Asia

Get trusted insights from experts within Asia itself.

Get trusted insights from experts
within Asia itself.

Try 1 month for $0.99

You have {{numberArticlesLeft}} free article{{numberArticlesLeft-plural}} left this month

This is your last free article this month

Stay ahead with our exclusives on Asia; the most
dynamic market in the world
.

Get trusted insights from experts
within Asia itself.

Try 3 months for $9

Offer ends October 31st

Your trial period has expired

You need a subscription to...

  • Read all stories with unlimited access
  • Use our mobile and tablet apps
See all offers and subscribe

Your full access to Nikkei Asia has expired

You need a subscription to:

  • Read all stories with unlimited access
  • Use our mobile and tablet apps
See all offers
NAR on print phone, device, and tablet media

Nikkei Asian Review, now known as Nikkei Asia, will be the voice of the Asian Century.

Celebrate our next chapter
Free access for everyone - Sep. 30

Find out more