sb-as logo
Story image

Microsoft: Asia's emerging economies vulnerable to malware

05 Sep 2017

Asia’s emerging economies such as Bangladesh, Indonesia and Myanmar are amongst the world’s most vulnerable to malware and other cyber threats, according to findings from Microsoft’s latest Global Security Intelligence Report.

The report shows that Bangladesh, Pakistan, Cambodia, Indonesia and Mongolia were the most at risk in terms of malware encounter rates, while Hong Kong, Singapore, Australia, New Zealand and Japan were least at risk. Japan was rated as the safest country in the world.

Across Bangladesh, Pakistan, Cambodia and Indoensia, one in four computers running real-time Microsoft security products reported a malware encounter between January and March 2017.

According to Keshav Dhakad, Microsoft Asia’s assistant General Counsel and regional director, Digital Crimes Unit (DCU), digital transformation brings profound societal impacts, but users must first trust the technology.

Myanmar, Nepal, Thailand and Vietnam all had an average malware encounter rate of more than 20% in the first quarter – more than double the global average of 9%.

Taiwan hosted the most drive-by download pages with malware in its code.

Japan and China have fared best in terms of avoiding ransomware encounter rates but South Korea had the second highest rate in the world.

The most commonly encountered ransomware was Win32/Spora, which encrypts files with a number of extensions including .doc, .jpg, .docx, .pdf, .xlsx and .zip.

Major headline attacks like WannaCry and NotPetya were ‘disproportionally concentrated’ in Europe and most Asia markets were not heavily impacted by the threats.

According to Microsoft, attackers take GDP, average age of computer users and available payment methods as factors when considering attacks.

Microsoft says that as the threat landscape grows, organisations need solid cybersecurity architecture.

“In today’s digital age, security cannot be an afterthought. It must be “built-in”, all-inclusive and intelligent. By making security a top priority, we can build greater trust in technology and enable digital transformation to reach its fullest potential and fulfil its grandest ambitions,” Keshav says.

Microsoft recommends the following best practices:

1. Do not work in public Wi-Fi hotspots where attackers could eavesdrop on digital communications, capture logins and passwords, and access personal data. 2. Regularly update the operating system and other software programs to ensure the latest patches are installed. This reduces the risk of vulnerability exploitation. Users should also install the most recent release of Windows 10 to take advantage of its improved hardening and security mitigations. 3. Reduce the risk of credential compromise by educating users on why they should avoid simple passwords and enforcing multi-factor authentication methods. 4. Enforce security policies that control access to sensitive data and limit corporate network access to appropriate users, locations, devices, and operating systems. 

Story image
Video: 10 Minute IT Jams - protecting data with user behaviour analytics
In this video, Forcepoint senior sales engineer and solutions architect Matthew Bant discusses the company's DLP solution, the importance of integrating compliance into security solutions, and why cybersecurity strategies should take a more people-based approach.More
Story image
BlackBerry, Microsoft enter partnership for Teams integration
"Integrating BlackBerry AtHoc will ensure that any organisation managing critical events using Teams is able to contact, alert, and account for everyone within the organisation directly."More
Story image
New project development inhibited by cybersecurity, Kaspersky research states
"There are still some practical steps that can be taken to make sure that an emerging technology or a product reaches its launch. Cybersecurity doesn’t have to be another corporate barrier, but it should be on an integral part of the project all long."More
Story image
Businesses left to make decisions based on old, inaccurate data, study finds
"It is more critical than ever that organisations have access to actionable, contextualised, near real-time threat data to power the network and application security tools they use to detect and block malicious actors."More
Story image
Why organisations should wise up to the DDoS extortion trend
While it is essential to have a DDoS mitigation solution in place, it’s also important to test that it works as expected, writes NCC Group director of technical security consulting for Asia Pacific Tim Dillon.More
Story image
Microsoft is most imitated brand for phishing attacks in Q3
Popular phishing tactics using the Microsoft brand used email campaigns to steal credentials of Microsoft accounts, luring victims to click on malicious links which redirect them to a fraudulent Microsoft login page. More