Features May 21, 2025
Bookmark feature is for subscribers only. Subscribe Now to save your favorites.

PH Businesses Hit by 4.1 Million Brute Force Attacks in 2024: How Can Data be Protected?

FacebookXEmailCopy Link

Southeast Asia recorded 53.4 million brute force attacks last year, underscoring regional cybersecurity threats

Philippine businesses were hit by over 4.1 brute force attacks last year, according to a report by cybersecurity firm Kaspersky. A brute force attack happens when a hacker uses trial and error to guess passwords, encryption keys, and other login information. 

As it is a trial and error, the hacker typically tries all possible combinations until the right one is discovered. This then allows the hacker to access accounts and retrieve sensitive data. 

Aside from accessing personal and sensitive data, hackers can also use the opportunity to cause disruptions in the company’s system by spreading malware and even hijack the whole system for their personal gain. 

According to a report by the Philippine Daily Inquirer, the cybersecurity firm pointed out that company phones are particularly vulnerable to such attacks, especially in this day and age where many employees work remotely. 

Due to this setup, employees can conveniently access internet systems anywhere and are away from the protection of their company’s IT department. 

Rest of Southeast Asia Also Experienced Brute Force Attacks 

The Philippines is not the sole nation targeted by brute force attacks, as similar incidents have been reported across multiple countries. Vietnam recorded the most attacks in the Southeast Asian region, with 19.87 million being tallied in 2024. 

Indonesia came in second with 14.66 million, while Thailand came in third with 7.3 million. Overall, Southeast Asia experienced 53.4 million attacks last year. 

How Can a Business Protect Itself From Brute Force Attacks? 

With the growing threat of brute force attacks—particularly for local businesses—it is essential for companies and their employees to prioritize the protection of sensitive data.

Use Strong Passwords

As brute force attacks focus heavily on guessing passwords, one way to ensure security is by using strong passwords to protect accounts and other sensitive data. 

Strong passwords are typically 12 characters long, but Microsoft notes that 14 or more characters is recommended. A combination of uppercase letters, lowercase letters, numbers, and symbols must be used and should not contain information that can be easily guessed, such as the account person’s name and company. 

It is highly recommended not to reuse the same password for multiple accounts. In the event of a hacking incident, a hacker can easily access other accounts that use the same password. 

Use 2FA and CAPTCHA

Another way companies and employees can keep data secure is through the use of two-factor or multi-factor authentication, as they add an additional layer of security. Businesses are advised to restrict the number of login attempts per account to prevent repeated guessing by hackers. Implementing account lockouts after exceeding the allowed number of attempts can further enhance security.

Companies should also consider using CAPTCHAs in order to deter automated computer hacking attempts as manual verification is something that bots find challenging as they cannot verify that they are human through this method. There are many options for CAPTCHAs available, including identifying objects and retyping text. 

Educate Employees on Password Security 

All the safety precautions will be rendered useless if those within the company are not properly educated on password security as well as the threats of cyberattacks. Companies need to provide adequate training for employees to ensure that they know and understand the best practices when it comes to data security. 

Companies should likewise educate employees on tools and software that can be used to keep passwords safe and secure data that is stored digitally. 

Frequently Asked Questions

A brute force attack is a method where hackers use trial and error to guess passwords, encryption keys, and login credentials by systematically trying all possible combinations. In 2024, Kaspersky recorded over 4.1 million such attacks against Philippine businesses, enabling unauthorized access to sensitive data, malware deployment, and in some cases full system hijacking.

Southeast Asia recorded 53.4 million brute force attacks in 2024, according to Kaspersky. Vietnam led the region with 19.87 million attacks, followed by Indonesia with 14.66 million and Thailand with 7.3 million. The Philippines recorded over 4.1 million, reflecting a significant and region-wide cybersecurity threat to businesses operating across Southeast Asia.

Remote work arrangements expand the attack surface for brute force attempts because employees access company systems outside the protection of corporate IT infrastructure. According to Kaspersky, company phones are especially vulnerable in this context, as they connect to varied and potentially unsecured networks without the oversight that on-premise IT departments typically provide.

Businesses should require passwords of at least 14 characters combining uppercase and lowercase letters, numbers, and symbols — avoiding personal or company-specific information. Password reuse across multiple accounts should be prohibited, as a single compromised credential can expose all accounts sharing the same password.

Two-factor and multi-factor authentication add a verification layer beyond passwords, significantly reducing the effectiveness of brute force attempts even when credentials are compromised. CAPTCHAs further deter automated attacks by requiring human verification that bots cannot complete. Combining these measures with login attempt limits and account lockout policies provides a layered defense against credential-based intrusions.

Bella Javier Liamzon

Bella Javier Liamzon

Editor

   

More From Features

Features

How Philippine Consumer Fairs Create Opportunities for Small Businesses

Features

Business Community, Stakeholders Back a Circular Economy Through Legislation

Features

Levanto Restaurant Hub Hosts Lifestyle Asia’s ‘Crave’ Launch in Makati

Features

The Economic Impact of LGBTQ+ Entrepreneurship in the Philippines

Learn straight from the top CEOs and business leaders. Access exclusive articles and videos.

Subscribe Now