Connected technologies undeniably offer exciting new ways to live and work, presenting boundless opportunities for innovation, creativity and efficiency. However, they simultaneously also raise the risk of exposure to security and privacy threats. Computers may be continuously elevating their security levels, but attackers are also evolving their tactics.
The threat is especially pertinent for Asia, where more than 1 billion people are on the Internet, and individuals and businesses increasingly operate in a mobile-first, cloud-first world. Today’s employees, for example, no longer only use on-premise software to access sensitive data but also do so from cloud-based systems, utilizing a broad array of devices and platforms, from laptops and personal devices, to even Internet of Things sensors.
According to the Microsoft’s latest Security Intelligence Report released in November, the Asia Pacific has been particularly vulnerable. The study revealed that out of the top five locations across the globe most at risk of infection, a total of four are from the Asia Pacific — Pakistan, Indonesia, Bangladesh and Nepal, topping the rankings at first, second, fourth and fifth places respectively in terms of computers encountering malware. All four had close to 40% or more computers encountering malware, compared to the worldwide average of only 14.8%. Pakistan and Indonesia were no strangers to the list, having also scored among the highest encounter rates in the world in last year’s report.
Although encountering a threat does not necessarily mean a computer has been infected, encounter rates, especially when coupled with infection rates, are able to provide a broad picture of the malware landscape, highlighting where unwanted software is highly prevalent, how malware propagates and how computers get infected. Pakistan, for example, also had one of the highest infection rates in the world, along with Mongolia, Nepal, Indonesia and the Philippines.
It is also interesting to note the significant differences among the types of threats affecting users in different parts of the world.
India, for example, experienced higher encounter rates for Back-doors, browser modifiers, and obfus-cators & injectors than other locations. Meanwhile, China had a relatively high encounter rate for viruses, particularly DOS/JackTheRipper. The spread of malware can be highly dependent on language and socioeconomic factors, as well as on the methods used for distribution. Some threats are spread by targeting people who speak a particular language or who use online services that are local to a specific geographic region. Other threats target vulnerabilities or operating system configurations and applications that are unequally distributed around the world.
The rate of security software usage in a country or region often correlates with its infection rate. In fact, the Microsoft Security Intelligence Report found that computers lacking real-time security software are six times more likely to be infected with malware than computers that are always protected. The focus and pace of attackers have intensified over time, and threats are becoming more sophisticated, malicious, and accelerated than ever before.
Investing in security to protect our customers
Microsoft recognizes that the digital age we live in requires an evolving security posture reflective of its dynamic realities. With an abundance of platforms, tools and services working in tandem, we now need to ensure all endpoints are protected—be they sensors, datacenters, identities or SaaS applications, to name a few. The intelligence of the cloud, machine learning and behavioral monitoring can also provide the data needed to detect threats more swiftly, so security and IT teams can respond promptly and comprehensively.
Microsoft not only invests more than a billion dollars each year in security research and development, but has also worked to introduce company-wide collaborative processes, ensuring its technologies work together, informed by insights, to deliver a holistic, agile, security platform.
Our recently launched Cyber Defense Operations Center also brings together security response experts from across the organization to protect, detect and respond to threats in real-time. Security has always been core part of Microsoft, and will continue to play an increasingly crucial role, protecting and empowering customers and the industry, as we take on today’s mutable threat landscape together.
For a more detailed list of top malware threats, please click here to read the entire SIR report for more data around the cyber security threats encountered in the first half of 2015. As the industry’s most comprehensive perspective on the threat landscape, the Microsoft Security Intelligence Report provides insights and trend data on vulnerabilities, exploits, malware and malicious websites that individuals and organizations can use to assess their current security posture.
Read more about how Microsoft is fighting cybercrime in the region.