sb-nz logo
Story image

Microsoft releases latest edition of Security Endpoints Threats report

17 Jun 2020

Microsoft has released findings from the latest edition of its Security Endpoint Threats report, detailing the key cybersecurity trends for 2019 in the Asia Pacific (APAC) region.

The latest iteration of the report sheds more light on the difference in exposure and response to cyber threats between developed and developing countries in the region, and highlights the most common and effective methods of attack experienced across APAC.

Malware and ransomware thrive in APAC

Especially in developing markets in the Asia Pacific region, malware and ransomware remain significant challenges. Countries like Indonesia, Sri Lanka, India and Vietnam continue to experience an encounter rate for malware and ransomware approximately 1.7 times higher than the rest of the world, according to the report.

This is despite a 23 and 29% overall decline across these two threat vectors when compared to the 2018 findings. 

On the other hand, threat encounter rates for malware and ransomware in Japan, New Zealand and Australia were three to six times lower than the regional average. 

“Often, high malware encounters correlate with both piracy rates and overall cyber hygiene, that includes regular patching and updating of software. Countries that have higher piracy rates and lower cyber hygiene tend to be more severely impacted by cyber threats,” says Microsoft Asia assistant general counsel for the Digital Crimes Unit Mary Jo Schrade.

“Patching, using legitimate software, and keeping it updated can decrease the likelihood of malware and ransomware infections.

“Cybercriminals do not stand still. We are witnessing attackers pivoting away from conventional methods, and shifting towards customised campaigns, targeted at specific geographies, industries, and businesses. 

“By relying on cloud technology and developing a comprehensive cyber resilience strategy, organisations can effectively bolster their cybersecurity strategies.”

Developing countries see rise in cryptocurrency mining 

India, Indonesia and Sri Lanka have recorded the highest cryptocurrency mining attack encounters in Asia last year, according to the report. 

These kinds of attacks target victims who attempt to mine currency, infecting their computers with mining malware. 

This method of breach remains popular for attackers looking to make quick money, according to Schrade.

“Cybercriminals are usually incentivised by quick financial gains. We believe that the recent fluctuations in the value of cryptocurrency and the increased time required to generate it, has perhaps led to them focusing on other forms of cybercrime,” says Schrade.

Drive-by download attacks level out

These attacks involve downloading malicious code onto an unsuspecting user’s computer when they visit a website or fill up a form. The malicious code that is downloaded is then used by an attacker to steal passwords or financial information.

Volume for these attacks in APAC has converged with the rest of the world at 0.08%, following a 27% decline from 2018. 

Despite the general decline in drive-by download attacks across the region, the study found that regional business hubs, Singapore and Hong Kong, recorded the highest attack volume in 2019, over 3 times the regional and global average. 

“We usually see cybercriminals launch such attacks to steal financial information or intellectual property,” adds Schrade.

“This is a likely reason why regional financial hubs recorded the highest volume of such threats.

“The high attack volume in these markets may not necessarily translate into a high infection rate, perhaps due to their good cyber hygiene practices and use of genuine software.” 

Story image
The best DDoS protection depends on the use case
On-demand, always-on and hybrid models provide different services for different needs, writes Radware product marketing manager Eyal Arazi.More
Story image
Phishing email attacks targeting remote workers on the rise
“Just because employees may be more used to their home office environment doesn’t mean that they can let their guard down."More
Story image
Hornetsecurity acquires Altaro, the latest in acquisition spree
The move is a culmination of a medley of acquisitions made by Hornetsecurity recently, following the January 2019 acquisition of Spamina, a Spanish cloud email security company, as well as EveryCloud, its British market partner, in early 2020.More
Story image
Trend Micro adds cloud-native container security to Cloud One Services Platform
Designed to ease the security of container builds, deployments and runtime workflows, the new service helps developers accelerate innovation and minimise application downtime across Kubernetes environments.More
Story image
Emotet remains leading malware in global threat index
The malware has impacted 7% of organisations globally, following a spam campaign which targeted more than 100,000 users per day during the holiday season.More
Story image
The current state of ransomware — and its future
Discoveries made by analysts at Sophos have unearthed a new development: ransomware code appears to have been shared across ‘families’, and some of the ransomware groups seemed to work in collaboration more than in competition with one another. More