Philippines is 8th most vulnerable to malware in Asia Pacific

Microsoft SIR Report 2017

Latest security intelligence report also found that attacks on accounts in the cloud have tripled globally as more organizations move their data to the cloud

[PHILIPPINES, [SEPTEMBER 2017] –  Microsoft Asia Pacific today released regional findings from their global Security Intelligence Report (SIR), Volume 22, which found that emerging markets such as Bangladesh, Cambodia, Indonesia, Myanmar and Vietnam are among the top five most exposed countries in Asia Pacific to malicious programs.

The Philippines reported a malware encounter rate of 19.2% as of March 2017, the eighth highest in the Asia-Pacific region. This was gathered from telemetry data from computers whose administrators or users choose to opt in to provide data to Microsoft. Microsoft learns about the most prevalent threats on both global and per country bases, and use this to proactively enhance its security products and services to address those threats.

The country has an above-average exposure to drive-by download sites (websites that host one or more exploits that target vulnerabilities in web browser and browser add-ons), with the Philippines at 0.05 to 0.1 per 1,000 URLs). It also has ransomware encounter rates (0.08%-0.12%).

Microsoft’s bi-annual Security Intelligence Report (SIR) provides in-depth data and insights into the global threat landscape, particularly in software vulnerabilities, exploits, malware and web-based attacks. In this latest version, the report tracked endpoint[1] as well as cloud threat data and profiles more than 100 individual markets. It also shares best practices and solutions that can help organizations better protect, detect and respond to threats.

“As the intelligent cloud becomes pervasive in the digital transformation age, we are empowered by technology to pursue endless opportunities with greater impact,” said Antony Cook, Associate General Counsel, Microsoft Asia Pacific, Japan & Australia. “We will not, however, be able to remain safe and reach our full potential in this ever-connected world, without also understanding the cybersecurity threat environment and building our awareness around the growth in cybercrime.”

Asia Pacific Countries Among the Most Vulnerable to Malware

1.     Bangladesh

2.     Cambodia

3.     Indonesia

4.     Myanmar

5.     Vietnam

 6.     Nepal

7.     Thailand

8.     Philippines

9.     Sri Lanka

10.   Malaysia

11.   Korea

12.   Singapore

13.   New Zealand

 

Malware Encounter Rates for Markets in Asia Pacific in Q1 2017 (from highest to lowest)

Within Asia Pacific, the report found that approximately one in four computers in Bangladesh, Cambodia and Indonesia running Microsoft real-time security products in these countries reported a malware encounter between January to March 2017. Bangladesh, Cambodia, Indonesia, Myanmar, Vietnam, Nepal and Thailand each reported an average malware encounter rate of more than 20 percent in the first quarter of 2017. This is more than double the global average of nine percent.

On the other hand, countries in Asia Pacific with higher levels of IT maturity, namely New Zealand and Singapore, performed better than the worldwide average.

Ransomware Attacks on the Rise 

Ransomware is one of the most infamous malware families in 2017. In the first half of this year, two waves of ransomware attacks, WannaCrypt and Petya, exploited vulnerabilities in outdated Windows operating systems worldwide and disabled thousands of devices by illegitimately restricting access to data through encryption. This not only disrupted individuals’ daily lives but also crippled many enterprises’ operations.

Most of the attacks have disproportionately concentrated in Europe and many of the Asia Pacific countries have not been heavily impacted. However, Korea is one of the few exceptions in the region, with the second highest ransomware occurrences worldwide.

Attackers evaluate several factors when determining what regions to target, such as a country’s GDP, average age of computer users and available payment methods. Language can also be a key contributing factor as a successful attack often depends on an attacker’s ability to personalize a message to convince a user to execute the malicious file.

Cloud Accounts and Services Under Cyber Siege

As cloud migration increases, the cloud has become the central data hub for a majority of organizations. This also translates into more valuable data and digital assets being stored in the cloud, making it a growing target for cybercriminals.

A large majority of these attacks on consumer and enterprise accounts managed in the cloud are the result of weak, guessable passwords and poor password management, followed by targeted phishing attacks and breaches of third-party services. As the frequency and sophistication of attacks on user accounts in the cloud accelerates, there is an increased emphasis on the need to move beyond passwords for authentication.

Building Trust in the Digital World by Strengthening Cybersecurity Posture

As the threat landscape continues to evolve and grow, organizations need to ensure they have a solid cybersecurity architecture and robust cyber hygiene best practices to better protect their digital environment, detect threats and respond to attacks.

Here are four best practices that individuals and organizations can consider to minimize their cyber risk exposures and stay resilient in an ever-changing threat landscape:

  • Do not work in public Wi-Fi hotspots where attackers could eavesdrop on digital communications, capture logins and passwords, and access personal data.
  • Regularly update the operating system and other software programs to ensure the latest patches are installed. This reduces the risk of vulnerability exploitation.
  • Reduce risk of credential compromise by educating users on why they should avoid simple passwords and enforcing multi-factor authentication methods, such as the one from Azure Multi-Factor Authentication (MFA).
  • Enforce security policies that control access to sensitive data and limit corporate network access to appropriate users, locations, devices, and operating systems. These policies can automatically block the user without the proper authorization or offer suggestions that include password resets and multi-factor authentication enforcement.

Resources like the Security Intelligence Report are just one aspect of Microsoft’s comprehensive approach and commitment to security – including a holistic platform, unique intelligence and broad partnerships – which is critical to enabling the digital transformation of leading organizations in Asia Pacific. You can check out the Microsoft Secure website to find out more.

To download and learn more about the Microsoft Security Intelligence Report findings, visit www.microsoft.com/sir and the Microsoft Secure Blog.

[1] An endpoint is any device remotely connected to a network that can provide an entry point for attackers––such as a laptop or mobile device. Since users interact with an endpoint, it remains a key opportunity for attackers and a security priority for organizations.