Story image

NZ dodging malware bullets better than most, new Microsoft report finds

01 Feb 2017

The latest New Zealand results from Microsoft’s Security Intelligence Report Volume 21 show that the country is well below the worldwide average when it comes to malware encounter rates, well below other countries in APAC.

In the second quarter of 2016, 11.8% of New Zealand computers encountered malware attacks, compared to the worldwide rate of 20.8%. The malware encounter rate has also been dropping over the past two years, showing that the country is faring well when it comes to avoiding malware attacks.

The number of computers cleaned per mile (CCM) also sits below the worldwide average, coming in at 5.4%. This measure is a rate metric that shows the number of computers cleaned for every 1000 unique computers using the Malicious Software Removal Tool.

Malicious software categories

The report also found that Trojans account for the majority of malicious software categories, mirroring worldwide statistics.

Trojans in New Zealand accounted for 5.5% of all encounters, compared to the worldwide rate of more than 11%.   

Worms were the second-most-encountered malicious software category, accounting for 1.3% of encounters. Downloaders and droppers featured in third place, accounting for 1.2% of encounters.

Amongst the most common malicious software families were the Win32/Dynamer (0.6%), Win32/Xadupi (0.6%) and JS/Axpergle (0.5%).

The Win32/Dynamer is a generic detection for a variety of threats.

Win32/Xadupi is a Trojan that poses as useful applications such as WinZipper or QKSee, but can silently install other malware. It is often installed by browser modifiers Win32/Sasquor and Win32/SupTab.

JS/Axpergle is a detection for the Angler exploit kit, which targets some versions of Internet Explorer, Adobe Flash Player, Java and Silverlight to install malware.

Unwanted software categories

Browser modifiers took out the top spot with 3.4% of encounters, followed by software bundlers (2.5%) and adware (0.9%).

The top unwanted software families include Win32/SupTab (0.7%), Win32/Mizenota (0.7%), Win32/Diplugem (0.7%), Win32/KipodToolsCby (0.6%) and Win32/Sasquor (0.5%).

The Win32/SupTab is a browser modifier that installs itself and changes the browser’s default search provider without consent.

The Win32/Mizenota is a software bundler that installs unwanted software alongside genuine installs. It may install Win32/SupTab, Win32/Sasqor, Win32/Smudplu, and others.

The Win32/Diplugem is a browser modifier that installs browser addons without consent. These addons are usually extra ads on webpages and through web search results.

Globally, the highest number of malicious attacks come from malware hosting sites, with 24.28% out of every 1000 internet hosts. Phishing sites also increased to 7.05%, while drive-by downloads accounted for 1%.

The report also found that 90% of New Zealand computers are running up-to-date and real-time security software in 2Q16, slightly higher than the global average.

Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.
IBM X-Force Red & Qualys introduce automated patching
IBM X-Force Red and Qualys are declaring a war on unpatched systems, and they believe automation is the answer.
Micro Focus acquires Interset to improve predictive analytics
Interset utilises user and entity behavioural analytics (UEBA) and machine learning to give security professionals what they need to execute threat detection analysis.
Raising the stakes: McAfee’s predictions for cybersecurity
Security teams and solutions will have to contend with synergistic threats, increasingly backed by artificial intelligence to avoid detection.
Exclusive: Ping Identity on security risk mitigation
“Effective security controls are measured and defined by the direct mitigation of inherent and residual risk.”