SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Asia Pacific countries are a melting pot of cyber threats
Wed, 14th Mar 2018
FYI, this story is more than a year old

Asia Pacific (APAC) countries remain a popular melting pot for cyber threats of all kinds, including online banking malware, ransomware, malicious mobile app downloads and exploit kit attacks.

APAC accounted for almost 40% of the 1.7 billion ransomware attacks between 2016-2017, according to Trend Micro's 2017 Security Roundup Report.

APAC was also the region affected by the highest number of threats in most recorded categories including exploit kit attacks, 70% of which affected APAC countries.

55% of all online banking malware affected APAC; 72% of malicious mobile app downloads affected APAC.

Trend Micro detected 3.3 million malicious mobile apps in APAC in 2017, five times more than the second-most affected region (EMEA, 617,290).

Although the total amount of threats dropped from 1.07 billion in 2016 to 630 million in 2017, the amount of new ransomware families increased by more than 30% to 327.

Trend Micro describes the statistics as an ‘interesting web of incongruities' as security events evolved to be more targeted and disruptive.

“In 2017, the real world stood witness to the paradox of cyberthreats,” Trend Micro's report says.

The statistics highlight how criminals are becoming smarter with their attacks as technologies evolve, says Trend Micro's managing director and VP of AMEA, Dhanya Thakkar.

“In 2017, 553 data breaches were made public, compared to 813 in 2016. But the number of affected records reached almost 5 billion, compared to 3.3 billion in 2016. Ransomware threats and exploit kits also decreased in 2017, signaling a shift away from spray-and-pray attacks, and towards smaller-scale, more effective, and more targeted attacks.”

Business Email Compromise (BEC) attempts also doubled. In one case a Japanese transportation company lost approximately US$3.5 million in December last year. The most-spoofed targets included high-level executives such as CEOs, managing directors and presidents.

Cryptocurrency mining malware proved to be prevalent in vulnerable IoT devices peaked in October 2017 with more than 100,000 detections that month.

 Trend Micro detected more than 45.6 million cryptocurrency mining events globally during the year, representing a large percentage of all IoT events observed.

On top of that, software vulnerabilities also continued to be targeted, with 1,008 new flaws discovered and disclosed in 2017 through Trend Micro's Zero Day Initiative and their 3,500+ independent white hat researchers.

The rising number of intelligent threats highlights the importance for individuals and businesses of all sizes to ramp up their cybersecurity efforts. Adopting a cross-generational strategy that includes a blend of security protections and risk mitigations can help to defend against old and new threats,” Thakkar concludes.