Microsoft: Asia Pacific Among the Most Vulnerable to Malware Threats
Your PC could be in danger, according to a Microsoft report.
As technology evolves and the world grows more dependent on the internet, we slowly start to forget something vital. Being on the internet exposes your computer to many risks. Some websites, like ours at Pokde.net, are safe and secure while others might land your PC in a bunch of nasty things.
We never really know how much of a threat we’re facing but according to Microsoft, countries in the Asia Pacific region are currently the most vulnerable to malware threats. This is something you definitely need to take note of.
Asia Pacific Among the Most Vulnerable, According to Microsoft
Yesterday, Microsoft shared the regional findings from the Security Intelligence Report (SIR), Volume 21. For those of you who aren’t aware, the security report is a twice yearly report that provides unique insights into the threat landscape. This is done to help organizations learn about trend data in industry vulnerabilities, exploits, malware, and web-based attacks.
In that same report, Microsoft has identified Asia Pacific markets as being at the highest risk of cybersecurity threats. As far as Malaysia is concerned, it has ranked 11th amongst the top markets in Asia Pacific under malware threats. It has found that Malaysia has a malware encounter rate of more than 27.6%. which is noticeably higher than the global encounter rate of 20.8% during the same the same time period.
Interestingly enough, Microsoft found that markets in the region with a more mature IT level such as Japan, Australia, New Zealand, South Korea, Hong Kong, and Singapore have lower malware encounter rates compared to the global average. It goes to show how diverse the cybersecurity landscape in Asia Pacific is.
Top Markets in Asia Pacific Under Malware Threats:
- Nepal & Bangladesh
- Sri Lanka
- Hong Kong
- South Korea
- New Zealand
Common Malware Encounters in Asia Pacific
Microsoft also shared the most encountered malware is Malaysia, which includes:
- Gamarue, a worm which can give a malicious hacker control of your PC, steal information and change PC security settings;
- Lodbak, a trojan that is usually installed on removable drives by Gamarue, and which attempts to install Gamarue when the infected removable drive is connected to a computer; and Peals is a generic detection for various threats that display trojan characteristics.
Microsoft also pointed out the dangers of the most commonly encountered malware, Gamarue. It has an encounter rate of 3.3% in Malaysia, and this worm can be distributed via exploit kits, social engineering, and e-mail attachments. When infected, Gamarue allows malicious hackers to control the infected PC. These hackers will usually steal information and quietly change the PC’s security settings.
Threats to Cloud Computing
With the rise of cloud computing, it’s no surprise that it too can have multiple threats looming over it. Microsoft pointed how the report includes a deep dive section on Protecting cloud infrastructure: detecting and mitigating threats using Azure Security Center. In this part, the report explains the potential threats that organizations may face as well as how they can utilize Azure Security Center to protect, detect, and respond to threats.
Some of those cloud-targeted threads are:
- Pivot back attacks, which occurs when an attacker compromises a public cloud resource to obtain information that they then use to attack the resource provider’s on-premises environment
- “Man in the Cloud” attacks, in which an attacker induces a prospective victim to install a piece of malware using a typical mechanism, such as an email with a link to a malicious website. It then switches out the user’s cloud storage synchronization token with the attacker’s token, allowing the attacker to receive copies of each file the user places in cloud storage. This effectively makes the attacker a “man in the middle” for cloud storage.
- Side-channel attacks, where an attacker attempts to put a virtual machine on the same physical server as the intended victim. If he succeeds, the attacker will be able to launch local attacks against the victim. These attacks might include local DDoS, network sniffing, and man-in-the-middle attacks, all of which can be used to extract information.
- Resource ransom, where attackers hold cloud resource hostage by breaking into and controlling public cloud account, and then requiring the victim to pay a ransom to release encrypted or restricted resources.
Microsoft listed out 5 best practices for organizations to improve their defense against cybersecurity threats, which are:
- Ensure strong fundamentals: Use only genuine, current and updated software. The usage of IT assets which are old, unprotected, or are non-genuine in nature, substantially increase the chances for a cyberattack. For example, pirated and counterfeit software are known to come with embedded malware infections.
- Focus on cyber hygiene: Poor cyber hygiene of IT users, negligent employee behaviour or weak credentials/password protection within an organization, adds a high degree of vulnerability for system compromise. With more and more personal devices being used at the workplace, the higher the chance they are infected.
- Have a data culture: Develop a big data analytics culture involving data classification, multifactor authentication, encryption, rights management, machine learning for behavioural analytics and log analytics to spot user anomalies and irregular or suspicious patterns, which could provide potential clues in advance to prevent impending or ongoing security breaches.
- Invest in a robust cyber defence ecosystem and monitor all systems in real time: Invest in trusted security solutions and modern threat protection technologies to monitor, detect and remove common and advanced cyber threats in real time, while developing in-house expertise to undertake threat analytics.
- Regular assessment, review and audit: Be comprehensive on all aspects of cybersecurity, not just technology. Have a IT trusted supply chain across cloud, software, hardware, Internet of Things, BYOD (bring your own device) and regularly review and assess cybersecurity investments and performance of both software and hardware deployment, including customer and vendor access to the corporate network.
The Security Intelligence Report is just one of many ways Microsoft is trying to provide a comprehensive approach to security. They believe it is a critical component to enabling the digital transformation of leading organizations in Asia.
Pokdepinion: Cybersecurity threats are no joke. It could spell the end of businesses if not taken care of well. Data is an important aspect in everyone’s lives today. Sometimes, you never know the dangers of being in the internet until it hits you right on your face.
Given the recent technological advances in the Asia Pacific region, Microsoft simply wants to point out that we, along with other Asia Pacific countries, need a major upgrade in cybersecurity if we’re hoping to keep the growth consistent.