KASPERSKY 2019 REPORT; PH ranks 4th globally for detected online threats


    THE Philippines gained an unwanted recognition climbing to 4th from 11th place in Kaspersky’s worldwide ranking of countries with the highest web threat detections from January to December 2019.

    Data from the Kaspersky Security Network (KSN) for the past year showed the cybersecurity company’s technologies monitored and prevented nearly 28 million internet-borne attacks against Kaspersky users in the Philippines.

    This accounts for 44 percent of Kaspersky users in the country that encountered web threats in 12 months in 2019, where 27 percent were individual users and 7.6 percent were business users. The Philippines trailed behind the top three countries namely, Nepal, Algeria and Albania.

    Kaspersky said a browser attack is still the top method for infecting web surfers. Users in the Philippines continue to be attempted to be attacked by cybercriminals through popular attack techniques such as drive-by download and social engineering.

    Drive-by download happens when an Internet user visits a website that he/she didn’t know is infected and installs malware directly onto the user’s computer. Vulnerable computers are those with operating systems, applications, or web browsers that are not updated which means these contain security flaws.

    Attempts to infect computers of Kaspersky users in the Philippines is done through social engineering where a cybercriminal exploits a user’s lack of knowledge. Disguising as friends, families or even as IT support personnel, cybercriminals convince a clueless user to disclose his/her confidential data. With the information, a cybercrook will gain access to multiple networks, infect the user’s computers with malware or prompt the user to open links to infected websites.

    Downloading malicious components or communications with control & command (C&C), a server that helps an online fraudster control a botnet and sends malicious commands that eventually would install malware onto a user’s computer. Botnet, short for robot network, is a collection of compromised (hacked) computers running malicious programs that are remotely controlled by cybercriminals.

    “As far as web threats are concerned, among the noticeable changes we’ve seen in the region reflect the same scenario worldwide —strong activity of web-miners in the beginning of the year followed by a dropdown. There was also a growth of online skimmers that we’ve recorded. In the case of local threats, the overall situation in SEA is the same — there’s a drop in the number of cryptocurrency miners and a slight decrease in crypto ransomware,” Yeo Siang Tiong, general manager for Kaspersky Southeast Asia said.

    However, local threats are down.

    In the same report, Kaspersky products detected and blocked more than 47 million local incidents on computers of its users in the country. This has pushed the Philippines to slide down to 61st place in 2019 from its 65th place in 2018 in Kaspersky’s worldwide ranking among countries with the highest local infections.

    Local infections or threats results from malware spread through removable media such as USBs, CDs, DVDs, and other “offline” methods.

    Kaspersky said worms and file viruses, which are usually self-replicating, generally account for such incidents. Attempts of attacks were monitored and prevented against 53 percent of individual Internet users and 21 percent of business users in the Philippines.

    Meanwhile, there were only 1.5 million malicious hosting incidents monitored and blocked in Philippine-based servers in 2019 compared to two million in 2018 pulling the country’s global ranking from 35th to 37th.

    “In the Philippines, we believe the stern warnings against the use of cryptocurrencies and the newly enacted law which imposes harsh penalties against bank account fraudsters and credit card skimmers, are among the possible reasons for the changes in numbers. Despite these though, we can’t drop our guards and be complacent. The overall increase in awareness and level of security among individual Internet users and businesses only mean that typical attacks will be more difficult to carry out. And we see that cybercriminals will intensify their efforts towards social engineering tactics more and will veer away from PCs to focus on attacking mobile devices and other internet-connected hardware,” he adds.