Cybersecurity

Microsoft: Developing markets in APAC challenged by ransomware and malware encounters

Microsoft released the Asia Pacific (APAC) findings from the latest edition of its Security Endpoint Threat Report 2019, an annual research aimed at identifying cyber threats and building cyber resilience across the region.

Findings were derived from an analysis of diverse Microsoft data sources, including 8 trillion threat signals received and analyzed by Microsoft every day, covering a 12-month period, from January to December 2019.

The research revealed significant differences in the exposure to cyber threats between developed and developing countries, with developing countries continuing to remain vulnerable to threats despite the overall decrease in encounter rates across the region.

“The Microsoft Security Endpoint Threat report aims to create a better understanding of the evolving threat landscape and help organizations improve their cybersecurity posture by mitigating the effects of increasingly sophisticated attacks,” said Mary Jo Schrade, assistant general counsel, Microsoft Digital Crimes Unit, Microsoft Asia.

Threat vectors

APAC continued to experience a higher-than-average encounter rate for malware and ransomware attacks with 1.6 and 1.7 times higher respectively than the rest of the world. This is despite a 23% and 29% overall decline across these two threat vectors when compared to the 2018 findings.

The research revealed that developing countries, including Indonesia, Sri Lanka, India, and Vietnam, were most vulnerable to malware and ransomware threats in 2019.

The research identified that countries with lower piracy rates and stronger cyber hygiene practices have witnessed a significant decline in attacks. Specifically, malware and ransomware threat encounter rates in Japan, New Zealand, and Australia were three to six times lower than the regional average.

India, Indonesia, and Sri Lanka recorded the highest cryptocurrency mining encounters in Asia last year. During such attacks, victims’ computers are infected with cryptocurrency mining malware, allowing criminals to leverage the computing power of their computers without their knowledge.

Drive-by download attack

The drive-by-download attack volume in APAC has converged with the rest of the world at 0.08, following a 27 percent decline from 2018.

These attacks involve downloading malicious code onto an unsuspecting user’s computer when they visit a website or fill up a form. The malicious code that is downloaded is then used by an attacker to steal passwords or financial information.

Despite the general decline in drive-by download attacks across the region, the study found that regional business hubs, Singapore and Hong Kong, recorded the highest attack volume in 2019, over 3 times the regional and global average.

Cybersecurity in the age of COVID-19

With the turn of the new year, COVID-19 has changed the landscape and remains the top-of-mind concern for individuals, organizations, and governments around the world.

Since the outbreak, the Microsoft Intelligence Protection team’s data has shown that every country in the world has seen at least one COVID-19 themed attack, and the volume of successful attacks in outbreak-hit countries seems to be increasing, as fear and the desire for information grows.

Of the millions of targeted phishing messages seen globally each day, roughly 60,000 include COVID-19 related malicious attachments or malicious URLs. Attackers are impersonating established entities like the World Health Organization (WHO), the Centers for Disease Control and Prevention (CDC), and the Department of Health to get into inboxes.