Data privacy abuse, malware threats hound PH Android, online users


    ABUSE of personal information and more sophisticated cyberattacks will affect more Filipinos by 2020. This, as the country also ranked third among Southeast Asian nations for Android malware attempts.

    In two separate studies, one called “Advanced Persistent Threats in 2020” and statistical data compilation, from cybersecurity company Kaspersky, revealed these findings. For research on Android attacks, this ranking excludes countries with fewer than 25,000 active users over the reporting period.

    Kaspersky researchers pointed out how the landscape of targeted attacks will change in the coming months. The overall trend shows that threats will grow in sophistication and become more targeted, diversifying under the influence of external factors, such as development and propagation of machine learning, technologies for “deepfakes” development, or tensions around trade routes between Asia and Europe.

    The predictions were developed based on the changes that Global Research and Analysis Team witnessed over the 2019 to support cybersecurity community with some guidelines and insights to help industries prepare for the challenges that lie in the coming 12 months.

    According to the cybersecurity company’s security experts, 98 percent of mobile malware are designed for the Android OS. This puts Android mobile users who use banking and shopping apps at high risk of downloading malware themselves without knowing it.

    Kaspersky has been monitoring malware attempts against its users who use Android devices in SEA and found that malware attempts have been increasing. Banking and ransomware Trojans were the top malware detected in the region. Trojans are one of the most dangerous species in the malware world.

    “We can see that attempts to infect Kaspersky mobile users year on year is quite going down in SEA and we attribute that to the growing awareness of the public about protecting their mobile data. The Philippines is hands-down an Android country and combined with the Filipinos’ very strong interest in digital activities, we understand why at number three overall in the region, Filipino Android users remain to be among cybercriminals’ targets,” Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky said.

    After a number of personal data leaks that happened in the past years, the number of personal details available made it easier for attackers to perform targeted attacks, based on victims leaked info. The bar has been raised, and in 2020 the threat actors will dive deeper, hunting for more sensitive leaks, such as biometric data.

    Researchers pointed out a number of key technologies, which could lure victims of personal data abuse in the attackers’ traps, among them is publicly discussed video and audio Deep Fakes that can be automated and support profiling and creation of scams and social engineering schemes.

    The sophistication of attacks is seen to increase and ingenious ways of invasions will be done. Among them are false flag attacks, ransomware, and data-based vector attacks.

    As false flag attacks are seen to reach a whole new level, threat actors not only to avoid attribution but also to actively lay the blame on someone else. Commodity malware, scripts, publicly available security tools or administrator software, mixed with a couple of false flags, where security researchers are hungry for any small clue, might be enough to divert authorship to someone else.

    Ransomware is seen to shift toward targeted threats with a potential twist being that, instead of making files unrecoverable, threat actors will threaten to publish data that they have stolen from the victim company.

    Cyberattacks will be so sophisticated it will focus on trade routes between Asia and Europe.

    There are several ways this could play out. They include a growth in political espionage as governments seek to secure their interests at home and abroad. It is likely to extend also to technological espionage in situations of potential or real economic crisis and resulting instability.

    Personal information abuse will grow faster, armed with AI. It is very similar to some of the techniques discussed for driving election advertisements through social media. This technology is already in use and it is just a matter of time before some attackers take advantage of it.

    “The future holds so many possibilities that there are likely to be things that are not included in our predictions. The extent and complexity of the environments in which attacks play out offer so many possibilities. In addition, no single threat research team has complete visibility of the operations of APT threat actors. We will continue to try and anticipate the activities of APT groups and understand the methods they employ, while providing insights into their campaigns and the impact they have,” says Vicente Diaz, security researcher at Kaspersky.

    Kaspersky data shows that Filipino Android mobile users are targets of the Hiddapp mobile malware. This malware family uses advertising as its main monetization method. It secretly downloads ads on to the infected device, displaying as many ads as possible to the Android device user.

    In 2018, Filipino Android users got a lot of the Dropper mobile malware family, which displays persistent ads and steals money through SMS subscriptions. The Dropper is designed to bypass detection and used by cybercriminals to wrap all sorts of payloads such as banking Trojans, ransomware and adware.