31.8M internet threats detected and blocked in PH in 2018 – Kaspersky Lab report
Recent data from Kaspersky Lab show that close to 32 million internet-borne threats were detected and blocked by Kaspersky Lab among its users in the Philippines in 2018 setting out a growth of over 200 percent from 2017. Internet threats and malicious hosting incidents remain the top two attacks that the cybersecurity company has detected on computers of its users in the Philippines between 2017 and 2018.
The latest Kaspersky Security Bulletin (KSB) revealed that a total of 31,887,231 internet-borne threats were tracked by Kaspersky Lab to be attacking its Filipino users. There are currently 76 million active internet users in the country.
The KSB is a periodical report with country-specific data released to present the threat overview of each country around the world. It is based on information obtained from the Kaspersky Security Network (KSN), one of the cybersecurity company’s main cloud systems that was created to discover new and unknown cyberthreats and ensure the quickest and most effective protection for its users. KSN automatically processes completely anonymous cyberthreat-related data received from millions of devices owned by Kaspersky Lab users who have voluntarily opted to join this system.
With 41.30% of users attacked by web threats in 2018, the country now lands in Kaspersky Lab’s global list of countries with the most web threats at 11th spot, climbing several notches up from its 30th ranking in 2017. Across Southeast Asia, the Philippines currently holds the record of having the highest number of online incidents followed by Vietnam (19th) and Indonesia (20th), respectively.
Of the attacks, 71.38% were attempted against individual users while 28.62% were aimed versus business users. It was found that cybercriminals used a number of malicious programs to infect Kaspersky Lab users in the Philippines, such as:
- mobile malware (malicious code designed to target smartphones and tablets)
- banking Trojans (a kind of malware that steals sensitive financial credentials such as for e-payment and online banking systems from victims, intercepting one-time passwords then sending the data back to the attackers behind the Trojan)
- coin miner (program for generating or mining cryptocurrency)
- adware (program designed to launch ads on infected computers and/or to redirect search engine results to promotional websites)
- riskware (program that is legitimate in itself but can be potentially misused by cybercriminals and lately has been used as a controlling machine for malicious activities)
Attacks via browsers is still the primary method for spreading malicious programs, according to Kaspersky Lab. The popular techniques among cybercriminals to penetrate systems in the country include:
Drive-by download. This refers to the unintentional download of malicious code to a computer or mobile device that leaves the user open to a cyberattack. Infection in this type of attack takes place when visiting an infected website, which doesn’t rely on the user to do anything and without their knowledge to actively enable the attack. For example, you might get a link emailed to you or shared with you on a post on your social media — sources you trust — that are designed to entice you to click and open. Once the website is open, the drive-by download installs itself on your device.
Social engineering. This attack requires user participation where the user has to download a malicious file to her computer. This happens when cybercriminals make the victim believe she is downloading a legitimate program under the guise of a serious problem that needs immediate attention. Attacker may use anger, guilt and sadness to convince their victims. Many employees and consumers don’t realize that with only a few pieces of information like name, date of birth or address, hackers can gain access to multiple networks.
In the same report, it showed that malicious hosting incidents monitored and thwarted by Kaspersky Lab on devices of Filipino users jumped from 449,297 in 2017 to 2,026.076 in 2018 showing an upsurge of more than 300 percent in 12 months. This new data places the Philippines in 35th spot, or three levels higher than its ranking in 2017 of countries worldwide with the most number of such cases. Among six countries in the region, the Philippines ranks third after Singapore (8th) and Vietnam (26th), respectively.
Meanwhile, statistics revealed that local threat attacks, wherein users have been infected with malware through removable media (such as USB drives, CDs and DVDs) went down with just two million incidents detected and blocked by Kaspersky Lab.
This development pushed the country’s rank to slide down from 35th in 2017 to 65th place by end of 2018 in the cybersecurity company’s dynamic global listing of countries with the most number of local threat incidents. In the entire SEA region, the Philippines ranks third next to Vietnam (2nd) and Indonesia (55th), respectively.
“All countries in Southeast Asia have demonstrated unfortunate gains in detected online threats which we tie to the fact that it’s a global trend — it’s happening elsewhere in the world as every country is a target. The Philippines, regrettably, has been figuring in our list of top countries where users encounter mobile malware since 2016, and the growing population of active internet and social media users play a part in making the country highly vulnerable to attacks,” said Yeo Siang Tiong, General Manager at Kaspersky Lab Southeast Asia.
“Cybercriminals will keep on creating more sophisticated malware and using different tactics to trick us and steal from us. But we have the most effective and powerful tools now before us to help us mitigate the risks of threats to avoid causing us serious trouble. As Filipinos continue to embrace going digital whether for business or personal reasons, we urge them to take a more active stance in protecting their data,” he said.
Below are tips from Kaspersky Lab’s cybersecurity experts to keep internet users a little more safe from the dangers lurking online and offline:
- Keep personal information professional and limited. Share data that only your client or employer would need such as your expertise, professional background and contact information only. Beyond that, keep everything else private.
- Keep your privacy settings on and keep them enabled all the time. Remember that your web browser, mobile OS and social media apps have privacy-enhancing settings available.
- Practice safe browsing. As you would avoid strange and unfamiliar neighborhoods in real life, so should you be mindful of checking out questionable online sites. Don’t assume links are genuine.
- Use your own device and check that your internet connection is always secure. If you can avoid using public computers and public wifi, do so. There is a reason why cybersecurity experts worry about “endpoints” or places where a private network connects to the outside world. Your vulnerable endpoint is your local internet connection. It pays a lot to wait for a better time to be able to connect to a secure network.
- Be careful what you download. Don’t download apps that look suspicious or come from a site you don’t trust. Hold back before opening unsolicited email attachments and accepting peer-to-peer file transfers.
- Choose strong passwords. Passwords are one of the biggest weak spots in the data security structure and there’s no way around them. Create unique and complex ones that are harder for cybercriminals to demystify — at least 15 characters long, mixing letters, numbers and special characters.
- Be careful who you meet online. Be as cautious and sensible in your online social life as you are in real life. Beware of fake communications. Even online letters from friends and families could be hacked so treat online messages with caution.
- Keep your internet security program up to date. Know that your antivirus program can only help protect your data and device if it’s updated. Same goes with the OS and apps you use. This practice helps eliminate vulnerabilities that can be exploited by malicious software and attacks.