SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image

Singapore 11th for cyber threats sources, says Kaspersky

Wed, 17th Jul 2019
FYI, this story is more than a year old

Kaspersky's latest data from Kaspersky Security Network (KSN) has uncovered more than two million incidents which originated from servers located in Singapore in the second quarter of 2019.

This places Singapore at 11th place globally when it comes to locations with the most number of incidents caused by servers hosted in the country.

The report also found that 2,141,642 local incidents on the computers, and that a third (33.6%) of users in this country were almost infected by local threats during this period. In terms of web threats, Kaspersky detected 1,300,197 different Internet-borne cyber threats on the computers of KSN participants in Singapore, with 12.8% of users were attacked by web-borne threats during Q2 2019.

"As one of Asia's top digital nations, it is unsurprising that Singapore has become a key target for hackers to perpetrate attacks through the country's well-developed IT infrastructure,” says Kaspersky Southeast Asia general manager Yeo Siang Tiong.

“This underscores the importance of ensuring that cybercriminals do not take advantage of our local servers for their ill-intents. To develop a robust cybersecurity strategy and overcome such challenges, we need to further build on the nation's capacity for public-private partnerships so there can be a concerted effort in addressing such issues.

“With the government's clear priority towards securing the country's online periphery, I believe the threat landscape in the country will improve, maybe slowly, but still surely. For our part, we recently extended our knowledge sharing cooperation with INTERPOL and we also have active partnerships with universities in Singapore which aim to boost the cybersecurity skills of the youth in this country.

Local threats include worms and file viruses account for the majority of such incidents.

This data shows how frequently users are attacked by malware spread via removable USB drives, CDs and DVDs, and other “offline” methods.

Web-based threats are malware programs that can target someone while using the Internet.

These browser-based threats include a range of malicious software programs that are designed to infect victims' computers.

Web threats include drive-by download that refers to the unintentional download of malicious code to one's computer or mobile device, leaving it open to a cyber attack.

This infection can also be done through social engineering which involves tricking the human mind to download a legitimate-looking but infected program on a computer.

When a Kaspersky customer is attacked by an online threat, we record the source of this threat – the location of the object detected by WebAntivirus component.

Based on that data, the share of incidents caused by servers hosted in Singapore was 0.4% – that is 2,888,612 incidents in the period April-June 2019.

In order to be secured against the evolving threats online, Kaspersky's security experts advise the following basic but important steps:

  • Carefully check the link before visiting a site, especially for misspelling or other irregularities, even if you think it's a site you've visited regularly before.
  • Enter your username and password only over a secure connection. Avoid logging in to online banks and similar services via public Wi-Fi networks.
  • Be aware that URLs that begin with the “https” may not always be secure.
  • Don't trust emails from unknown senders until you can verify the authenticity of their origins.
  • Always run a system with a quality, up-to-date anti-malware program such as Kaspersky Internet Security.

For companies, Kaspersky recommends the following:

  • Educating employees about the risks – like the basic rule to not open emails from people they do not know as well as attachments or links.
  • Advocating good password habits in the workforce including using unique passwords and keeping it safe from anyone's access.
  • Setting up tiered levels of access, giving permission only to those who need it on each level.
  • Conducting regular cybersecurity training which will deliver knowledge on latest threats and more importantly to improve employee habits and form new behavior patterns for a safer work environment.
Follow us on: