Microsoft Asia recently released regional findings from their global Security Intelligence Report (SIR), Volume 22, which found that Asian countries, especially emerging ones, are most exposed to malicious programs. Out of the top locations across the globe most at risk of malware infection in the first quarter of 2017, most of them are developing economies from this region.
Microsoft’s bi-annual Security Intelligence Report (SIR) provides in-depth data and insights into the global threat landscape, particularly in software vulnerabilities, exploits, malware and web-based attacks. In this latest version, the report tracked endpoint[1] as well as cloud threat data and profiles more than 100 individual markets. It also shares best practices and solutions that can help organizations better protect, detect and respond to threats.
“Driven by the proliferation of endpoints and the ubiquitous computing power of the cloud, the opportunity for digital transformation to make broad and profound impacts across our society has never been greater,” said Keshav Dhakad, Assistant General Counsel & Regional Director, Digital Crimes Unit (DCU), Microsoft Asia.
“However, for digitalization to reach its fullest potential, users must first trust the technology they use. Microsoft is committed to helping our customers and partners build that trust and the first step is to help them understand the multitude of cyber threats out there so that they can implement more effective ways to manage and neutralize these risks.”
The report found that Bangladesh and Pakistan have the highest malware encounter rate around the world. This is followed by two ASEAN nations – namely Cambodia and Indonesia. Approximately one in four computers running Microsoft real-time security products in these countries reported a malware encounter from January to March 2017.
Other top areas under malware threats include Myanmar, Nepal, Thailand and Vietnam, each with an average malware encounter rate of more than 20 percent in the first quarter of 2017. This is more than double the global average of nine percent.
Malware Encounter Rates for Markets in Asia in Q1 2017 (from highest to lowest):
|
1. Bangladesh 2. Pakistan 3. Cambodia 4. Indonesia 5. Mongolia 6. Myanmar 7. Vietnam
|
8. Nepal 9. Thailand 10. Philippines 11. Sri Lanka 12. China 13. India 14. Malaysia
|
15. Taiwan 16. Korea 17. Hong Kong 18. Singapore 19. Australia 20. New Zealand 21. Japan
|
Ransomware Attacks on the Rise
Ransomware is one of the most infamous malware families in 2017. In the first half of this year, two waves of ransomware attacks, WannaCrypt and Petya, exploited vulnerabilities in outdated Windows operating systems worldwide and disabled thousands of devices by illegitimately restricting access to data through encryption. This not only disrupted individuals’ daily lives but also crippled many enterprises’ operations.
The SIR also highlighted that there is a 300 percent increase in consumer and enterprise accounts managed in the cloud being attacked globally over the past year while the number of logins attempted from malicious IP addresses has increased by 44 percent year over year.
In addition, a large majority of these compromises are the result of weak, guessable passwords and poor password management, followed by targeted phishing attacks and breaches of third-party services. As the frequency and sophistication of attacks on user accounts in the cloud accelerates, there is an increased emphasis on the need to move beyond passwords for authentication.
As the threat landscape continues to evolve and grow, organizations need to ensure they have solid cybersecurity architecture and robust cyber hygiene best practices. This will enable them to better protect their digital environment, detect threats and respond to attacks.
"In today’s digital age, security cannot be an afterthought. It must be 'built-in', all-inclusive and intelligent. The comprehensive threat intelligence that we provide with our SIR as well as advanced security solutions and best IT hygiene practices will all play a critical role in integrating cybersecurity into an organization’s DNA," said Keshav. "By making security a top priority, we can build greater trust in technology and enable digital transformation to reach its fullest potential and fulfil its grandest ambitions."
Resources like the Security Intelligence Report are just one aspect of the Microsoft comprehensive approach to security – including a holistic platform, unique intelligence and broad partnerships – which is critical to enabling the digital transformation of leading organizations in Asia. Check out the Microsoft Secure website to find out more.
To download and learn more about the Microsoft Security Intelligence Report findings, visit www.microsoft.com/sir and the Microsoft Secure Blog.
[1] An endpoint is any device remotely connected to a network that can provide an entry point for attackers––such as a laptop or mobile device. Since users interact with an endpoint, it remains a key opportunity for attackers and a security priority for organizations.
