Kaspersky uncovers 50 million offline malware attacks in Southeast Asia, calls for tighter USB security
Southeast Asia (SEA) — As enterprises pour resources into defending against online cyber threats, a stealthier and equally dangerous vector is thriving in the shadows: USB-based and removable media malware.
In 2024, Kaspersky’s cybersecurity solutions blocked 49,234,759 offline malware attacks across businesses in Southeast Asia—marking a 15% increase from the 43 million incidents recorded in 2023.
These on-device threats bypass traditional firewalls by exploiting the trust placed in physical devices like USB drives and external hard disks. Unlike web-based malware, offline threats spread without needing internet connectivity, making them harder to detect and equally damaging.

USB Worm Discovered in Secure Government Drive
According to Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky, a shocking case uncovered in late 2024 revealed how far these attacks have evolved:
“A secure USB drive—developed by a government entity for confidential data transfer—was compromised with malicious code in its access management software. The code allowed the drive to steal data and acted as a USB worm, infecting other drives of the same type.”
This incident exemplifies how even trusted devices in sensitive environments can be turned into tools of cyber espionage and data theft.

Surge in USB Malware Across the Region
Singapore experienced the largest spike in offline attacks at 88% year-over-year, followed by:
- Malaysia: 47% increase
- Vietnam: 25% increase
- Thailand: 20% increase
- Philippines: 16% increase
- Indonesia: The only country with a slight dip at -3% YoY

Kaspersky’s Recommendations to Defend Against Offline Threats
Kaspersky urges organizations to take urgent action by adopting a layered security approach. Their expert recommendations include:
- Provide SOC teams with cutting-edge threat intelligence, such as Kaspersky Threat Intelligence.
- Upskill cybersecurity staff using Kaspersky’s online training programs developed by GReAT experts.
- Deploy advanced threat detection platforms, such as Kaspersky Anti Targeted Attack Platform.
- Use centralized protection like Kaspersky Next XDR Expert for asset-wide defense.
- Launch ongoing security awareness training via platforms like the Kaspersky Automated Security Awareness Platform.
- Regularly update software and operating systems to close known vulnerabilities.

“Offline malware attacks are no longer rare. Businesses must be just as vigilant with USB ports and removable devices as they are with firewalls and emails,” added Yeo.