Malaysia Continues to Lure Cybercriminals: Report
As per the findings of a recent report, Malaysia still continues to attract cybercriminals despite businesses stepping up cybersecurity measures and tending to capitalize on the latest security intelligence.
In the 24th edition of its Security Intelligence Report (SIR), Microsoft reveals such findings relating to the cyber landscape in Malaysia. SIR, which is based on an annual study, seeks to explore and provide customers/users with new data and insights as the cyber landscape changes.
A press release by Microsoft Malaysia, based on the report, says, “The SIRv24 comprises of core insights and key trends derived by sifting through data between January to December 2018 from multiple, diverse sources, including 6.5 trillion threat signals that go through the Microsoft cloud every day. The report includes an overview on the lessons learned from the field and recommended best practices.”
The news release also quotes Dr. Dzahar Mansor, National Technology Officer, Microsoft Malaysia, as saying- “Undoubtedly, cybersecurity is one of the most pressing issues for organizations today. As cyberattacks continue to increase in frequency and sophistication, understanding prevalent cyberthreats and how to limit their impact has become an imperative. The SIRv24 aims to keep pace with the ever evolving cyberthreat landscape by highlighting the techniques and tradecraft of cybercriminals and offering insights to improve cyber resilience and overall cybersecurity health of an organization.”
Let’s take a look at the key findings of SIRv24 as regards the cyber landscape in Malaysia…
Cryptocurrency mining malware encounter rate increases
As per the SIRv24, cryptocurrency mining malware encounter rate in Malaysia has increased considerably in 2018. Between January to December 2018, the rate in Malaysia was 33 percent higher than the global average. The report also noted that the encounter rate would increase or decrease in accordance with the rise and fall in the value of cryptocurrency. The factors that have caused this rise in popularity for cryptocurrency mining are many. The most notable factor is that cryptocurrency mining works in the background, even as the user performs other tasks on the system and also when the user is away from the system. The cryptocurrency mining might not even be noticed unless it impacts the computer’s performance considerably. Thus, users won’t be taking actions to remove the threat and the mining would go on for an extended period of time. The wide availability of “off the shelf” products for covert mining of many cryptocurrencies is also a factor that causes the increase in the encounter rate.
The Microsoft Malaysia press release notes, “The barrier to entry is low because of the wide availability of coin mining software, which cybercriminals repackage as malware to deliver to unsuspecting users’ computers. The weaponized miners are then distributed to victims using many of the same techniques that attackers use to deliver other threats, such as social engineering, exploits, and drive-by downloads.”
Decline in number of ransomware attacks, but it’s still a threat
Though there has been a decrease in ransomware encounters worldwide (73% decrease), ransomware continues to be a visible threat in Malaysia. As per SIRv24, the ransomware encounter rate in Malaysia was 100 percent more than the global average.
The Microsoft Malaysia news release observes, “One of the key reasons contributing to the fall of ransomware attacks is the organizations and individuals becoming more aware of and dealing more intelligently with ransomware threats, including exerting greater caution and backing up important files so they can be restored if encrypted by ransomware.”
It further says, “While organizations and consumers are encountering ransomware at lower volumes compared to the previous year, it does not mean the severity of attacks has declined. It is still capable of making real-world impact by affecting corporate networks and crippling critical services such as hospitals, transportation, and traffic systems.”
Malaysia experiences a higher rate of drive-by download attacks
SIRv24 points out that though drive-by download attacks have decreased globally by 22 percent, the rate is much higher in Malaysia. The country experienced approximately 544 percent more such attacks compared to the rest of the world. Taiwan, Malaysia and Indonesia experienced the highest concentration of drive-by download attacks in the entire Asia Pacific region.
Drive-by download refers to the unintentional download, to an unsuspecting user’s system, of malicious code, which can then be used to exploit vulnerabilities in browsers, browser add-ons, applications, OSs etc. Thus, a user could get infected with malware even without downloading anything, just by visiting a website. Hackers also use drive-by download attacks to install ransomware or carry out cryptocurrency mining.
Developing markets in Asia Pacific highly vulnerable
As per SIRv24, malware encounter rate in the Asia Pacific was 37 percent higher than the global average, even as on the global level the rate has decreased by 34 percent. The report also points out that the infection rates were intimately connected to the human development factors and technology readiness within a society. Thus, Indonesia, Philippines and Vietnam had the highest malware encounter rates in the Asia Pacific region. On the other hand, Japan, Australia and New Zealand had the lowest malware encounter rates. The report points out that these locations tend to have “…mature cybersecurity infrastructures and well-established programs for protecting critical infrastructure and communicating with their citizens about basic cybersecurity best practices.”
The Microsoft Malaysia press release includes the statement of Dato’ Ts. Dr. Haji Amirudin Bin Abdul Wahab, Chief Executive Officer of CyberSecurity Malaysia, – the national cybersecurity specialist and technical agency. He says, “As the digital world progresses, it also continues to make us more vulnerable to more sophisticated cyber threats. The findings of this study show that we continue to be exposed to threats like ransomware and cryptocurrency mining. As cyber security specialists, we have been stepping up efforts to spread awareness on the importance of cyber security and creating strong safeguard for our cyberspace so that Malaysian businesses and the economy at large can operate seamlessly.”
Premier Media Conglomerate of Malaysia, Falls for Ransomware Infection