Asia Pacific Under Attack: The Q3 2016 Cybercrime Report and a Region in the Crosshairs

Posted December 21, 2016

Asia Pacific Under Attack: The Q3 2016 Cybercrime Report and a Region in the Crosshairs
Report Reveals a 40% Increase in Cyber Attacks — Here’s What It Means to a Booming Digital Revolution

On a quiet morning last May, 100 hooded thieves descended on Tokyo and proceeded to ransack over 14,000 ATM machines in just less than three hours, before vanishing as quickly as they’d appeared.
 
According to the Financial Times, this organized cybercrime ring used stolen credit card data to turn a hack into a mountain of cash with shocking ease. And according to trends observed in our new Q3 2016 Cybercrime Report—APAC Deep Dive is any indication, things are only getting worse.
 
Why? Because the region’s rapidly expanding digital revolution is revealing vulnerabilities in a region with a great variety of cyber security maturity.

The digital revolution

According to the Q3 Report, which looks at real world cybercrime attacks from July through September, APAC businesses and consumers saw overall online transaction volumes increase 36% over Q3 2015.
 
At the center of this digital revolution: Mobile, which has grown 44% year-over-year.
 
As it happens, this mobile boom has been particularly beneficial to the financial services sector, which has seen exponential growth in mobile banking throughout Asia Pacific. The problem, however is that it’s all accompanied by a sharp increase in cybercrime, with a 40% rise year-on-year.
 
While cybercrime is a global problem, there can be stark differences between countries in both the nature of attacks and the capacity to fight back.
 
Advanced digital economies like Australia and New Zealand, for instance, have the highest transaction volumes in all of APAC, yet saw the lowest overall reject rate due to fraud in Q3, at 3.7%.
 
By comparison, countries in Southeast Asia saw huge growth in digital—especially mobile—but also nearly 50% more rejected transactions than the same period last year.
 
In a region dependent on cross-border business, these kinds of imbalances can spell disaster.
 
Why? Because a higher percentage of cross-border transactions are automated bot attacks than is the case with domestic transactions. Automated attacks are used for large-scale credential testing, using identity data harvested from huge data breaches. During attack spikes, traffic from such bot attacks can top legitimate traffic for certain organizations, especially within China.
 
Factor in other forms of identity and location spoofing through VPNs and proxies, which also reached twice the global average in Q3, and the challenges grow exponentially.

Identity is the new currency

So, what lies ahead for Asia-Pacific in Q4 and beyond?
 
Our Q3 report makes one thing abundantly clear: Identity data is now hard currency for criminals out to perpetrate fraud within a region that is fast becoming a key hub for cybercrime.
 
According to the Times, business revenues lost to cyber attacks in the APAC topped $81 billion last year. That’s $20 billion more than the total cost of attacks in North America, and a fourth of all global losses to cybercrime.
 
As a result, organizations throughout this vast region face enormous pressure to establish accurate authentication methods that can offer legitimate users the frictionless experience needed to keep up with the pace of business.
 
To learn more, along with insights on how to protect your business through the power of digital identity, check out our full Q3 2016 Cybercrime Report—APAC Deep Dive: click here.
 
 

Alisdair Faulkner

Alisdair Faulkner

Chief Products Officer, ThreatMetrix

close btn