Developing countries in Asia were the most exposed to malware in the first quarter (Q1) of 2017, according to Microsoft's global Security Intelligence Report (SIR), Volume 22.
The report looked at threat data for both endpoint devices and cloud system to provide in-depth data and insights into the global threat landscape, particularly on software vulnerabilities, exploits, malware and online attacks.
Bangladesh and Pakistan were found to have the highest malware encounter rates worldwide, followed by Cambodia and Indonesia. The report indicated that approximately one in four computers in these countries that use Microsoft real-time security products had a malware encounter in Q1.
Other Asian countries including Myanmar, Nepal, Thailand, and Vietnam recorded an average malware encounter rate of more than 20 percent from January to March 2017, which is 11 percent higher than the global average of nine percent.
Screenshot from Microsoft report.
Countries with higher levels of IT maturity such as Australia, Hong Kong, Japan, New Zealand, and Singapore recorded a lower malware encounter rate than the global average. The SIR considered Japan as the safest country against malware as only two percent of computers in the country were reported to have encounter a malware in Q1.
Meanwhile, the number of malware attacks against cloud-based consumer and enterprise accounts worldwide had tripled over the past year.
There was also a 44 percent year-over-year increase in the number of attempted logins from malicious IP address. According to the report, the growth was mainly caused by weak, guessable passwords and poor password management by individuals and organisations. This is followed by targeted phishing attacks and breaches of third-party services.
Building defence wall against malware
With the continuous evolution of threat landscape, Microsoft advised organisations to ensure they have a solid cybersecurity architecture and follow cyber hygiene best practices.
"In today's digital age, security cannot be an afterthought. It must be "built-in", all-inclusive and intelligent...By making security a top priority, we can build greater trust in technology and enable digital transformation to reach its fullest potential and fulfil its grandest ambitions," said Keshav Dhakad, assistant general counsel & regional director for Digital Crimes Unit (DCU) of Microsoft Asia.
In line, the report highlighted four practices that individuals and organisations can adopt to minimise their exposure to cyber risks.
- Do not work using public Wi-Fi. Attackers can eavesdrop on digital communications thus steal login credentials and passwords, and access personal data.
- Keep operating system and software programmes updated. Ensure the latest patches are installed in the devices to reduce the risk of vulnerability exploitation.
- Avoid using simple passwords. Organisations must thus enforce multi-factor authentication methods to reduce the risk of credential compromise.
- Enforce security policies that control access to important data. Organisations must limit the corporate network access to appropriate users, locations, devices, and operating systems.