More vulnerable countries saw over 40% computers hit by malicious software compared to world average of 21%
Microsoft says it generally takes on average up to 200 days for organisations to find out that they have been victims of cyber attacks
Lists four key areas for effective early action
By Nisthar Cassim in Singapore
Sri Lanka is among top 10 countries in the Asia Pacific impacted by and facing growing threats to cyber security, according to findings of a top regional study released in Singapore yesterday.
Sri Lanka was ranked at number nine, with Pakistan, Indonesia and Bangladesh figuring in the top three in the Microsoft Malware Infection Index 2016 (MII2016).
Others within the top 10 were Nepal, Vietnam, Philippines, Cambodia, India and Thailand. Most in the top 10 had an average of close to 40% or more computers encountering malware, compared to the worldwide average of only 20.8%, as of 4Q 2015, up from 17.6% in 1Q 2015.
Japan and New Zealand were least affected due to their stronger cyber security defences and practices. The Index identifies key malware threats in the region and ranks countries according to how much they are affected.
The latest ranking and key findings of malware were released at Microsoft Cyber Trust Experience in Singapore for journalists from the Asia Pacific including the Daily FT.
The Forum, which featured senior officials from Microsoft and Interpol among others, highlighted key threats undermining cyber security in the Asia Pacific.
According to Microsoft, the top three most encountered malware include Gamarue, a malicious computer worm that is commonly distributed via exploit kits and social engineering; and Skeeyah and Peals which are trojans that try to look innocent to convince users to install them.
These malware can steal personal information, download more malware, or give a malicious hacker access to a PC. The findings are based on data from the Microsoft Malware Protection Centre (MMPC) and the Microsoft Security Intelligence Report (SIRv20.
Apart from malware, other major cyber-attacks include via Distributed Denial of Service or DDoS, which is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources, and identity theft, a crime in which an imposter obtains key pieces of personal information in order to impersonate someone else and gain access to sensitive data online.
According to the index and findings, the Asia Pacific region is especially vulnerable with emerging markets most at risk of malware threats.
“The rising sophistication and targeted cyber-attacks are causing devastating disruption and losses of data and information across all computer and internet user segments. In fact, it generally takes on average up to 200 days for organisations to find out that they have been victims of cyber-attacks,” Microsoft Asia Regional Director, Intellectual Property and Digital Crimes Unit Keshav Dhakad told journalists.
Microsoft said the Windows Defender Advanced Threat Hunting team in April reported the discovery of a group of cybercriminals, dubbed PLATINUM, who have actively since 2009 been targeting governmental organisations, defence institutes, intelligence agencies, and telecommunication providers in South and Southeast Asia.
Gamarue, which is among the top three malwares, is particularly prevalent in the ASEAN region and was the third most commonly encountered malware family worldwide in 2H 2015. Microsoft said certain heavily-affected locations such as Indonesia reported Gamarue encounter rates of over 20% in 4Q 2015, close to the worldwide encounter rates for all threat families combined for the quarter.
It is commonly distributed via exploit kits and social engineering and has been observed to steal information from the local computer and communicate with command-and-control servers managed by attackers. It is particularly prevalent in Mongolia, with 35 computers infected out of every 1,000 running the Microsoft Malicious Software Removal Tool (MSRT) in 2H 2015.
Trojans Peals and Skeeyah are generic detections for a variety of threats that share certain characteristics. Trojan encounters increased 57% from 2Q 2015 to 3Q 2015 and remained at a high through the end of the year, which was attributed to increased encounters with Peals and Skeeyah. They have been observed to download and install other malware, use your computer for click fraud, steal information like usernames and browsing history and give your PC access to a remote malicious hacker.
Dhakad said Microsoft has noticed four key common IT environment issues.
Firstly, the usage of IT assets which are old, unprotected, or are non-genuine in nature. Secondly, unmanaged and unregulated IT assets usage, procurement and maintenance. Thirdly, poor cyber hygiene of users and negligent employee behaviour inside companies. Fourthly, the inability of the companies to timely monitor, detect and remove modern cyber threats, among others, are some of the common causes for cybercrime risks
As part of Microsoft’s commitment to building trust in technology in the region, a new Cyber Security Centre (CSC) to advance the fight against cyber threats was opened in South Korea in March, following a similar launch in Singapore last February.
The CSCs drive greater public-private partnerships to fight cybercrime, as well as strengthen the cooperation with local businesses, governmental and academic organizations on cyber security. These CSCs are an extension of the Microsoft Cybercrime Centre in Redmond, USA, the headquarters of Microsoft Digital Crimes Unit (DCU). The other Satellite Centres in Asia are located in Singapore, Beijing, Tokyo and India.
Top markets in Asia Pacific under malware threats. Ranked by the number of malware detections based on counts of machines.
9. Sri Lanka
15. Hong Kong
18. New Zealand
Source: Malware Infection Index 2016 by Microsoft Malware Protection Centre and Microsoft Security Intelligence Report.