Cyber Security CybersecurityCybersecurity

Kaspersky report finds PH in top 10 of 2020 global web threat detections

The Philippines slipped two notches down from its previous ranking in the latest top 10 global list of countries with the most web-borne threats based on a report from cybersecurity company Kaspersky.

The 2020 Kaspersky Security Network (KSN) report showed that Kaspersky solutions installed in computers of Filipino users detected 44,420,695 different internet-borne threats last year. The report also revealed that more than 4-in-10 (42.2%) of online users in the country were almost infected with web threats in 2020, putting the country at 6th place globally.

The number of web threats in the country is about 37.19% more in 2020 compared to 27,899,906 web threats (44.4%) detected in 2019, placing the country 4th overall in that year.

Kaspersky research shows 48% of enterprises in SEA use outdated, unpatched OS

Kaspersky saw 60% increase in e-learning platform users who faced cyber threats

Nepal, Algeria, Mongolia, Somalia, and Belarus are the top 5 countries that experienced web threats. Joining the Philippines in the top 10 are Malaysia, Brunei Darussalam, Rwanda, and Kenya.

Web threats are attacks via browsers which is the basic method for cybercriminals to spread their malicious programs.

Kaspersky experts observed two noticeable trends behind the change of percentage of users attacked by web threats, not just in the Philippines, but for countries all over the world. First is that the number of users that encounter web miners has been reduced by 1 1/2 times. A Trojan miner like Trojan.Script.Miner.gen is an example of web-mining malware that is used by cybercriminals to secretly mine cryptocurrencies using someone’s computing power and electricity. And second, the number of users that encounter web skimmers has increased by about 20%. Web skimmers (sometimes referred to as sniffers) where scripts are embedded by attackers in online stores to steal credit card data of customers from websites.

Top sources of web threats

According to Kaspersky, internet browsing is the top source of web threats not just in the Philippines but in other countries as well. The pandemic prevented people from going out and they “socialize” over social media platforms as well as do business over the internet.

“One thing that all of us would remember very well about 2020 other than COVID-19 was the shift of major tasks online — mostly within the confines of our homes. It is now a common scenario to see working parents juggle work and assisting kids with their online classes. The stress of finding balance has understandably affected each of us emotionally and psychologically, which created the best scenario for cybercriminals to exploit the situation,” said Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky

Internet users also sometimes fall from unintentional downloads of certain programs (or files) from the internet. This might have come from email attachments or links sent over chat services.

Some web threats might have emerged from browser extension pr a plugin for a web browser that adds certain functions and features to it used for productivity, customization, shopping, games, etc. Examples of extensions are those that block ads on web pages, translate text between languages, or add pages to a third-party bookmark service. Extensions can be malicious or dangerous because these come from third-party websites which collect data to sell to other entities later.

Kaspersky also found downloads of malicious components or communications with control and command (C&C) servers performed by other malware led to web threats. A C&C server helps a fraudster to control a botnet (a network of hijacked computer devices used to carry out various scams and cyberattacks) and sends malicious commands to its members, regulate spyware, send payload, among others.

Corporate defense

“The pandemic has blurred the lines between corporate defenses and home security. Remote work, online classes, digitalization across all sectors will continue, at least for 2021. It is high time for enterprises of all shapes and sizes to understand that online threats against individuals should now be considered as risks against companies. We need to remember that cybercriminals never sleep. Hence, our security solutions should be automated, intelligence-based, and proactive,” said Yeo.

Globally, the Philippines’ 2020 ranking in local threat detections also went down by one mark from 2019. With 44,541,812 local incidents blocked on computers of Kaspersky users in the Philippines, it is currently at 62nd place from its 61st place in 2019 when it had 47,443,112 incidents.

Statistics from the report also showed that more than 4-in-10 (47.4%) of Filipino internet users were attempted to be attacked with local threats in 2020 compared to almost six-in-10 (56.90%) users who were affected in 2019.

Local threats are basically local infections where users are attacked by malware spread through “offline” methods such as removable USB drives, CDs, and DVDs.