sb-nz logo
Story image

APAC the highest risk spot for malware encounters, says Microsoft report

01 Feb 2017

Asia Pacific countries have serious work to do when it comes to protecting themselves against malware – in fact, the region is one of the highest risk areas when it comes to cybersecurity threats.

Those are the figures from a regional biannual report from Microsoft Asia, titled Security Intelligence Report (SIR), Volume 21, which warned that Asia Pacific and emerging areas take out three out of the top five global spots for malware encounters.  

The two main risk points are in Southeast Asia, specifically Vietnam and Indonesia – as they both have malware encounter rates of more than 45%, the report says.  This is double the worldwide average of 21%.

Other countries in the top 10 include Mongolia, Thailand, Pakistan, the Philippines and India, all featuring encounter rates of more than 30%.

Other established regions such as Australia, New Zealand, Singapore and Japan have malware rates that are below the worldwide average, which Microsoft says is reflective of the ‘diverse cybersecurity landscape’.

The most featured malware threats include:

Dynamer: A Trojan that can steal personal information, download malware or provide access for hackers.

Gamarue: A malicious worm that gives hackers control of a PC, allowing them to steal information and change PC security settings. This worm has been the most commonly encountered non-generic threat worldwide, with strong hit rates in India and Indonesia. These countries accounted for 25% of all Gamarue encounters.

Lodbak: A Trojan that is installed on removable drives by Gamarue.  It also installs Gamarue when the drive is plugged into a computer.

Keshav Dhakad, Microsoft Asia’s regional director, digital crimes unit, says the increase in malware attacks is now ‘mission critical priority’, and can take up to 200 days for attacks to be truly visible.

“With no sign of abatement in the future, what companies need is a Secure Modern Enterprise posture, which involves well-integrated “Protect-Detect-Respond” investments and capabilities, with a strategic focus on the core pillars – Identity, Apps, Data, Infrastructure and  Devices,” Dhakad says.

He says organizations should also consider cloud-based services for enterprise-grade security, privacy, assurances and certifications.

The report analysed threat information for more than one billion systems worldwide, analysing both long term trend data and threat profiles for more than 100 markets and regions.

Microsoft Asia says that there are five best practices for preventing malware infections.

Use genuine, current and updated software. Anything that is not any of these things will increase chances of a cyber attack.

Maintain proper cyber hygiene. Password protection, high credentials and more control over personal devices can lower the risk of infection.

Create a data culture. Big data analytics, classification, multifactor authentication, encryption, machine learning and other tools can provide clues to impending attacks.

Invest in real-time monitoring and a robust cyber defence ecosystem. These can monitor, detect and remove threats in real time, while developing in-house expertise for threat analytics.

Assess, review and audit. These steps involve a trusted IT supply chain across BYOD, cloud, hardware, Internet of Things and software. In addition, reviewing network access, security assessments and deployments can help organizations keep track of cyber protection effectiveness.

Story image
Organisations investing significant time modifying web application firewalls to keep ahead of cybersecurity threats
"The sheer amount of traffic and potential threats can ensnare resources and impact the ability to introduce greater precision to those key systems."More
Story image
Creating a strong culture of security within organisations
CISOs worldwide are inherently aware of how significant investment in cybersecurity strategies and technologies can bolster an organisation’s protection against cyberattacks. However, many overlook the importance of culture when it comes to cybersecurity.More
Story image
Veeam reports growth as demand for modern data protection increases
“Even with the unforeseen challenges and circumstances that began in early 2020, Veeam continued its rapid growth with its second consecutive year of bookings over $1 billion."More
Story image
ICS vulnerabilities on the rise as gaps in remote work expand attack surfaces
The number of ICS vulnerabilities disclosed in 2020 increased by more than 30% compared to 2018 and nearly 25% compared to 2019.More
Story image
Latest Tenable launch provides holistic approach to vulnerability management
Tenable.ep is reportedly the industry’s first, all-in-one, risk-based vulnerability management platform designed to scale as dynamic compute requirements change.More
Story image
Why extended detection and response is a 'movement'
Fuelling its momentum as a movement fast gaining traction, Gartner called XDR the number one trend CISOs should understand to strengthen security initiatives. More