Philippines hit by over 4.1 million ‘guess the password’ IT attacks in 2024

A hooded man holds a laptop computer as a blue screen with an exclamation mark is projected on him in this illustration picture. REUTERS/Kacper Pempel/Illustration

MANILA, Philippines — Enterprises in the Philippines and the rest of Southeast Asia are warned against the proliferation of cyberattacks that “guess the password” of their information technology (IT) systems in order to steal confidential corporate data.

In a report by cybersecurity firm Kaspersky, over 4.1 million “brute-force” attacks were detected in the Philippines in 2024..

This digital threat entails a “method for guessing a password or an encryption key that involves systematically trying all possible combinations of characters until a correct one is found,” the company explained.

A successful attack will allow cybercriminals to illegally obtain user credentials and other sensitive data.

Kaspersky explained that company devices are prone to cyberattacks amid the rise of remote work setup, whereby employees can access the network system anywhere via the internet.

Vulnerability spikes up because these devices are “away from the protection of the IT department,” the cybersecurity expert explained.

READ: Kaspersky reminds public to practice ‘digital hygiene’

Regional trends

In total, Southeast Asia dealt with about 53.4 million brute-force attacks last year. Vietnam was the most exposed with 19.87 million digital threats, followed by Indonesia with 14.66 million and Thailand with 7.3 million.

Kaspersky managing director for Asia Pacific Adrian Hia said there were over 145,000 daily attempts to penetrate the enterprise systems on average in the region last year.

Hia warned that cybercriminals could now launch their attacks with the assistance of artificial intelligence, allowing them to “guess passwords and break encryptions faster.”

“Once successful, a brute-force attack allows an attacker to gain remote access to the targeted host computer. Imagine the repercussions of having a spy, or more, inside your computers,” he said.

“Thus, it is urgent for businesses here to really look into their IT posture and recalibrate their cybersecurity capabilities,” he added.

In a related report, Kaspersky earlier said the Philippines also saw 1.8 million on-device cyber threats last year, showing that cybercriminals also penetrate IT walls using “offline methods” like thumb drives and external hard drives.

Kaspersky noted these devices could be tampered and installed with malicious software that can steal confidential files.