Story image

From Vietnam without love: Asia Pacific's next cyber attack hub

14 Feb 2018

Vietnam may be hailed as the next Silicon Valley for its technology prowess, but for the first time it is now one of the top five cyber attack source locations.

ThreatMetrix’s Q4 2017 Cybercrime report shows an increase in attacks that appeared to be from Vietnam and Russia. Attackers used automated bots and location spoofing tools to create mayhem.

In addition to China, Vietnam was one of the top five attack origin countries for the first time. Attacks from the country targeted businesses across Australia, Singapore, Japan, the United States and the United Kingdom.

In India strong mobile penetration and transaction growth has contributed to a steep rise in attacks against the country. Payment fraud and identity spoofing are the top attack vectors.

In Asia, the region had the highest level of account creation attacks, with a particular focus on eCommerce and media companies. Identity and device spoofing were the top attack vectors, however there is also strong growth in bot attacks against US retailers. Bot spikes are short-lives, most lasting between one and two days.

“Given bot traffic has the ability to slip under the radar of traditional rate control solutions and mimic good customer traffic, the onus is firmly on businesses to distinguish between good and bad transactions,” the report says.

Australia and New Zealand continued to be targeted by attacks originating from Southeast Asia. Identity spoofing attacks have grown due to an increase in the amount of data released into the wild.

Russia swooped in to take the title of top attack source originator, with most attacks targeting United States eCommerce retailers.

Cryptocurrency marketplaces also experienced their share of fraudulent activity. Fraudulent accounts are created using stolen identities to launder money. Attackers are also hacking legitimate accounts to make fraudulent payment and steal currencies when their values peak.

“Cryptocurrency marketplaces need a more accurate way to verify the identity of new customers who open an account in order to prevent the infiltration of criminals,” comments ThreatMetrix VP of product marketing, Vanita Pandey.

Other key highlights from the ThreatMetrix Cybercrime Report: Q4 2017

  • ThreatMetrix detected and stopped 251 million attacks in real time last quarter, as the overall attack rate grew 50% year-on-year.
  • 52% of all online transactions now come from mobile devices, a 54% increase from two years ago.
  • 58% of all account creations are now done on a mobile device, and attacks on mobile account creations grew 150% since the start of 2017.
  • Cross-border transactions continue to grow quarter-on-quarter: 30% of transactions are now cross-border, up from 25% at the beginning of 2017.
  • Bot attacks have reached unprecedented levels this quarter with 840 million bot attempts detected and blocked.
Salesforce continues to stumble after critical outage
“To all of our Salesforce customers, please be aware that we are experiencing a major issue with our service and apologise for the impact it is having on you."
D-Link hooks up with Alexa and Assistant with new smart camera
The new camera is designed for outdoor use within a wireless smart home network.
Slack users urged to update to prevent security vulnerability
Businesses that use popular messaging platform Slack are being urged to update their Slack for Windows to version 3.4.0 immediately.
Secureworks Magic Quadrant Leader for Security Services
This is the 11th time Secureworks has been positioned as a Leader in the Gartner Magic Quadrant for Managed Security Services, Worldwide.
Google puts Huawei on the Android naughty list
Google has apparently suspended Huawei’s licence to use the full Android platform, according to media reports.
Using data science to improve threat prevention
With a large amount of good quality data and strong algorithms, companies can develop highly effective protective measures.
General staff don’t get tech jargon - expert says time to ditch it
There's a serious gap between IT pros and general staff, and this expert says it's on the people in IT to bridge it.
ZombieLoad: Another batch of flaws affect Intel chips
“This flaw can be weaponised in highly targeted attacks that would normally require system-wide privileges or a complete subversion of the operating system."