Kaspersky Report: 31.8M internet threats detected and blocked in PH in 2018

Recent data from Kaspersky Lab show that close to 32 million internet-borne threats were detected and blocked by Kaspersky Lab among its users in the Philippines in 2018 setting out growth of over 200 percent from 2017. Internet threats and malicious hosting incidents remain the top two attacks that the cybersecurity company has detected on computers of its users in the Philippines between 2017 and 2018.

The latest Kaspersky Security Bulletin (KSB) revealed that a total of 31,887,231 internet-borne threats were tracked by Kaspersky Lab to be attacking its Filipino users. There are currently 76 million active internet users in the country.

The KSB is a periodical report with country-specific data released to present the threat overview of each country around the world. It is based on information obtained from the Kaspersky Security Network (KSN), one of the cybersecurity company’s main cloud systems that were created to discover new and unknown cyber threats and ensure the quickest and most effective protection for its users. KSN automatically processes completely anonymous cyberthreat-related data received from millions of devices owned by Kaspersky Lab users who have voluntarily opted to join this system.

Internet threats

With 41.30% of users attacked by web threats in 2018, the country now lands in Kaspersky Lab’s global list of countries with the most web threats at 11th spot, climbing several notches up from its 30th ranking in 2017. Across Southeast Asia, the Philippines currently holds the record of having the highest number of online incidents followed by Vietnam (19th) and Indonesia (20th), respectively.

Of the attacks, 71.38% were attempted against individual users while 28.62% were aimed versus business users. It was found that cybercriminals used a number of malicious programs to infect Kaspersky Lab users in the Philippines, such as:

  • mobile malware (malicious code designed to target smartphones and tablets)
  • banking Trojans (a kind of malware that steals sensitive financial credentials such as for e-payment and online banking systems from victims, intercepting one-time passwords then sending the data back to the attackers behind the Trojan)
  • coin miner (program for generating or mining cryptocurrency)
  • adware (program designed to launch ads on infected computers and/or to redirect search engine results to promotional websites)
  • riskware (program that is legitimate in itself but can be potentially misused by cybercriminals and lately has been used as a controlling machine for malicious activities)

Attacks via browsers are still the primary method for spreading malicious programs, according to Kaspersky Lab. The popular techniques among cybercriminals to penetrate systems in the country include:

Drive-by download. This refers to the unintentional download of malicious code to a computer or mobile device that leaves the user open to a cyberattack. Infection in this type of attack takes place when visiting an infected website, which doesn’t rely on the user to do anything and without their knowledge to actively enable the attack. For example, you might get a link emailed to you or shared with you on a post on your social media — sources you trust — that are designed to entice you to click and open. Once the website is open, the drive-by download installs itself on your device.

Social engineering. This attack requires user participation where the user has to download a malicious file to her computer. This happens when cybercriminals make the victim believe she is downloading a legitimate program under the guise of a serious problem that needs immediate attention. The attacker may use anger, guilt, and sadness to convince their victims. Many employees and consumers don’t realize that with only a few pieces of information like name, date of birth or address, hackers can gain access to multiple networks.

Malicious hosting

In the same report, it showed that malicious hosting incidents monitored and thwarted by Kaspersky Lab on devices of Filipino users jumped from 449,297 in 2017 to 2,026.076 in 2018 showing an upsurge of more than 300 percent in 12 months. This new data places the Philippines in 35th spot, or three levels higher than its ranking in 2017 of countries worldwide with the most number of such cases. Among six countries in the region, the Philippines ranks third after Singapore (8th) and Vietnam (26th), respectively.

Local threats

Meanwhile, statistics revealed that local threat attacks, wherein users have been infected with malware through removable media (such as USB drives, CDs and DVDs) went down with just two million incidents detected and blocked by Kaspersky Lab.

This development pushed the country’s rank to slide down from 35th in 2017 to 65th place by end of 2018 in the cybersecurity company’s dynamic global listing of countries with the most number of local threat incidents. In the entire SEA region, the Philippines ranks third next to Vietnam (2nd) and Indonesia (55th), respectively.

“All countries in Southeast Asia have demonstrated unfortunate gains in detected online threats which we tie to the fact that it’s a global trend — it’s happening elsewhere in the world as every country is a target. The Philippines, regrettably, has been figuring in our list of top countries where users encounter mobile malware since 2016, and the growing population of active internet and social media users play a part in making the country highly vulnerable to attacks,” said Yeo Siang Tiong, General Manager at Kaspersky Lab Southeast Asia.

“Cybercriminals will keep on creating more sophisticated malware and using different tactics to trick us and steal from us. But we have the most effective and powerful tools now before us to help us mitigate the risks of threats to avoid causing us serious trouble. As Filipinos continue to embrace going digital whether, for business or personal reasons, we urge them to take a more active stance in protecting their data,” he said.

Categories: News

Tagged as: ,