top of page
Search

Bruteforce Cyber Attacks Surge Across Southeast Asia: Over 53 Million Blocked in 2024

  • Writer: TrustSphere Network
    TrustSphere Network
  • May 27
  • 2 min read

As digital transformation accelerates across Southeast Asia, so too does the cyber threat landscape—and the numbers are alarming. According to a recent report from Kaspersky, over 53 million bruteforce cyberattacks were detected and blocked by their solutions across the region in 2024. This figure underscores the growing sophistication of cybercriminals and the urgent need for businesses to strengthen their cybersecurity posture.


Passwords Under Siege: The Mechanics of a Bruteforce Attack


At the core of this surge lies a time-tested but increasingly automated technique: bruteforce attacks. These attacks systematically attempt all possible password combinations to breach protected systems, often targeting Remote Desktop Protocol (RDP)—a widely used tool for remote IT management.


Bruteforce.Generic.RDP, one of the most common tools used by cybercriminals, enables attackers to launch relentless password-guessing campaigns. Once they crack a login, the consequences are dire: from data breaches to operational paralysis and reputational damage.


Southeast Asia in the Crosshairs: Regional Trends


The scale and frequency of these attacks are growing:

  • Indonesia: 14.6 million RDP attacks in 2024, a 25% year-on-year increase.

  • Malaysia: 3.2 million attacks, up 14% from the previous year.

  • Singapore: Over 4 million attempts detected.


On average, that equates to 145,000 bruteforce attacks per day targeting businesses across Southeast Asia.

"Cybercriminals now have a reliable assistant in AI, which speeds up password guessing and encryption breaking," said Adrian Hia, Managing Director for Asia Pacific at Kaspersky. "Imagine the repercussions of having a spy inside your corporate system—it’s time for a cybersecurity reckoning in SEA."

Weak Perimeters, Stronger Adversaries


With more employees working remotely and increasing cloud adoption, many organisations in Southeast Asia are inadvertently expanding their attack surface. Devices operating beyond the company firewall often lack critical monitoring, leaving them vulnerable to credential compromise and unauthorised access.


This risk is amplified by the cybersecurity talent shortage across the region, making it even harder for enterprises and SMBs to defend against an evolving threat landscape.


TrustSphere’s Perspective: What Businesses Should Do Now


Bruteforce attacks may be basic in concept, but with AI and automation in the mix, their execution has never been more effective—or dangerous. For businesses across Southeast Asia, this is a wake-up call.


To defend against these threats, TrustSphere recommends the following best practices, aligned with Kaspersky’s guidance:


  1. Use strong, complex passwords – and rotate them regularly.

  2. Restrict RDP access – only allow through secure, encrypted VPNs.

  3. Enable Network Level Authentication (NLA) – for an added layer of security.

  4. Implement Multi-Factor Authentication (MFA) – to reduce reliance on passwords.

  5. Disable RDP and close port 3389 – if it’s not essential to operations.

  6. Deploy AI-enhanced threat detection – to identify anomalies before they become breaches.


The Bottom Line


Cyber threats aren’t on the horizon—they’re already here. With the rapid evolution of attack methods and regional exposure increasing, the time for Southeast Asian businesses to act is now. From securing remote access protocols to deploying intelligent fraud and intrusion detection tools, proactive investment in cybersecurity is not optional—it’s essential.


At TrustSphere, we help financial institutions and technology vendors across APAC elevate their fraud, AML, and cybersecurity frameworks—building resilience against emerging risks while enabling digital growth.


Need help recalibrating your cyber risk strategy?





Let’s connect and discuss how we can help secure your systems before the next attack hits.


 
 
 

Commentaires

Recommended by TrustSphere

Atfinity


 

Izengard


 

Trefis


 

Noto360



 

Thetaray


 


Regulation Asia


 


FCC Analytics

 

Futurum



 



Darwinium


 

Arkose Labs


 

Relevance.ai



 

SumSub



 

FinanceX



 

LevelFive



 

FullArmor



 

Clari5



 

© 2024 TrustSphere.ai. All Rights Reserved.

hello@trustsphere.ai

  • LinkedIn

Disclaimer for TRUSTSPHERE.AI

The content provided on the TRUSTSPHEREAI website is intended for informational purposes only. While we strive to provide accurate and up-to-date information, the data and insights presented are generated from a contributory network and consolidated largely through artificial intelligence. As such, the information may not be comprehensive, and we do not guarantee the accuracy, reliability, or completeness of any content.  Users are advised that important decisions should not be made based solely on the information provided on this website. We encourage users to seek professional advice and conduct their own research prior to making any significant decisions.  TruststSphere Partners is a consulting business. For a comprehensive review, analysis, or support on Technology Assessment, Strategy, or go-to-market strategies, please contact us to discuss a customized engagement project.   TRUSTSPHERE.AI, its affiliates, and contributors shall not be liable for any loss or damage arising from the use of or reliance on the information provided on this website. By using this site, you acknowledge and accept these terms.   If you have further questions,  require clarifications, or requests for removal or content or changes please feel free to reach out to us directly.  we can be reached at hello@trustsphere.ai

bottom of page