APAC still hotbed for cyber attacks

The Asia-Pacific (APAC) region remains a hotbed for cyber attacks, with individuals and organisations encountering malware more frequently than the rest of the world, a study has found.

According to Microsoft’s Security endpoint threat report 2019, an annual research aimed at identifying cyber threats and building cyber resilience across the region, the malware encounter rate in APAC was 5.34%, down from 23% in 2018.

However, this figure was 1.6 times higher than the global average, making APAC susceptible to cyber threats, said Mary Jo Schrade, assistant general counsel at Microsoft Asia’s digital crimes unit.

In developing markets, where there is a lower level of cyber hygiene and more frequent use of pirated software, ransomware was a bigger problem than in developed markets. Overall, the ransomware encounter rate in the region fell by 29% in 2018 but was still 1.7 times higher than the global figure.

“The malware could be already installed when you buy a pirated system,” Schrade told Computer Weekly. “It also could be that some pirated software – in order to be installed without the manufacturer of the software intervening and requiring a licence – take out things like antivirus to avoid immediately detecting what’s them.”

An earlier Microsoft commissioned study conducted by the National University of Singapore found that three in five CDs and DVDs purchased from counterfeit software suppliers contained malware, while 34% of pirated software downloaded from file-sharing networks was bundled with malware.

For countries with lower piracy rates and stronger cyber security practices, the research found a significant decline in attacks. Specifically, malware and ransomware threat encounter rates in Japan, New Zealand and Australia, were three to six times lower than the regional average.

Two of the region’s developed markets and financial hubs, Singapore and Hong Kong, however, recorded the highest volume of drive-by attacks, which involve downloading malicious code onto victim’s computer when they visit a website or fill up a form. The malicious code is then used by an attacker to steal passwords or financial information.

“We usually see cyber criminals launch such attacks to steal financial information or intellectual property. This is a likely reason why regional financial hubs recorded the highest volume of such threats. The high attack volume in these markets may not necessarily translate into a high infection rate, perhaps due to their good cyber hygiene practices and use of genuine software,” said Schrade.

One bright spot in the study was the decline in crypto-mining attacks in the region. According to the study, the volume of these attacks fell by 64%, more so in Hong Kong, Singapore and Japan. Schrade attributed this to the splitting of cryptocurrency which could take longer to mine.

“There are more lucrative and valuable ways they can leverage their malware and cyber criminals don't see cryptocurrency mining as the focus now,” Schrade said. “They find that it’s more valuable to do other things like ransomware or whatever it might be.”

Microsoft concluded its study in 15 APAC markets prior to the Covid-19 pandemic, using diverse data sources including eight trillion threat signals it received from January to December 2019. Since the outbreak, its data has shown that every country in the world has seen at least one Covid-19 themed attack, and the volume of successful attacks in outbreak-hit countries seems to be increasing, as fear and the desire for information grows.

Schrade said: “According to our data, we found that Covid-19 themed threats are mostly rethreads of existing attacks that have been slightly altered to tie to the pandemic. This means that attackers have been pivoting their existing infrastructure, like ransomware, phishing, and other malware delivery tools, to include Covid-19 keywords, to capitalise on people’s fear”.