Microsoft Security Endpoint Threat Report 2019

Microsoft recently released their Asia Pacific findings from the latest edition of its Security Endpoint Threat Report 2019, placing Singapore among the countries with the highest drive by download attack volume in the last year.

Through the diverse Microsoft data resources, analysing the findings from there, including eight trillion threat signals received and analysed by the company every day for a 12-month period from January to December 2019.

“As security defenses evolve and attackers rely on new techniques, Microsoft’s unique access to billions of threat signals every day enables us to gather data and insights to inform our response to cyberattacks,” said Mary Jo Schrade, Assistant General Counsel, Microsoft Digital Crimes Unit, Microsoft Asia.

“The Microsoft Security Endpoint Threat report aims to create a better understanding of the evolving threat landscape and help organizations improve their cybersecurity posture by mitigating the effects of increasingly sophisticated attacks.”

Singapore registered one of the lowest malware and ransomware encounters

From the report, Asia Pacific continues to experience a higher-than-average rate for malware and ransomware attacks. As for Singapore, it registered the fourth lowest malware and ransomware encounter rate in Asia Pacific.

“Typically, high malware encounters are a result of excessive usage of unlicensed and/or pirated software, and proliferation of sites that illegitimately offer free software or content, such as video streaming. Consumer education is important – users should regularly patch and update programs and devices, and be able to identify illegitimate software,” explained Richard Koh, Chief Technology Officer, Microsoft Singapore.

Cryptocurrency mining encounter rate in Singapore was 5 times lower than the regional and global average

Singapore’s cryptocurrency mining encounter rate stood at 0.01 percent in 2019, an 80 percent decrease from 2018 and 5 times lower than the regional and global average of 0.05 percent.

In a cryptocurrency attack, the victims’ computers are infected with cryptocurrency mining malware, allowing criminals to harness the computing powers of the victims’ computers to mine for cryptocurrency.

The cryptocurrency sector faces key challenges with cryptocurrency scams along with relaxed regulatory implementations, resulting in over the counter and fraudulent trading practices continuing to take place undetected.

“Improving user awareness is key in maintaining a low encounter rates and preventing consumers from falling for cryptocurrency scams. In Singapore particularly, strong government enforcement of cyber policies also helps ensure the efficacy of regulation on cryptocurrency trading and the integrity of cryptocurrency exchanges,” explained Koh.

Singapore recorded the highest drive-by download attack volume in Asia Pacific

On the topic of drive-by download, the drive-by download attack volume in Asia Pacific has converged with the rest of the world at 0.08, following a 27 percent decline from 2018.

While there is a general decline in drive-by download attacks across the region, the report showed that Singapore experienced the highest attack volume of 0.31 in 2019, an increase of 138.5 percent from 2018 (0.13). This was also 3.9 times higher than the 2019 global and regional average.

These attacks involve downloading malicious code onto an unsuspecting user’s computer when the person visits a website or fills in a form. The malicious code that is downloaded can then be used by an attacker to steal passwords or financial information.

“Cybercriminals capitalize on drive-by download technique to target the organizations and end-users with the objective to steal valuable financial information or intellectual property. This is a likely reason for regional business hubs recording the highest volume of these threats,” explained Koh. “We’d like to emphasize that the high encounter rate does not necessarily translate into a high infection rate as the level of cyber hygiene and usage of genuine software prevents the systems from getting compromised.”

Cybersecurity in the Covid-19 period

The Covid-19 pandemic has brought about a new wave of changes to the digital workplace transformation with working from home (WFH) as part of the measures to combat this pandemic and bringing it under control. Moving forward, some businesses would be looking at changes to the business operations and working environments, WFH might just be a new norm in the very near future. However, WFH has its own challenges and cybersecurity is one of them.

Since the Covid-19 pandemic outbreak, data collected by Microsoft Intelligence Protection Team has shown that every country in the world has seen at least one Covid-19 themed attack. The volume of successful attacks in outbreak hit countries seems to be increasing, along with fear and desire for more information increases.

There are millions of targeted phishing messages seen globally each day, there are roughly 60,000 of them that include Covid-19 related malicious attachments for malicious URLs, impersonating established organisations such World Health Organization (WHO), Centres for Disease Control and Prevention (CDC) and the Department of Health, getting to recipients inboxes.

For businesses and individuals, cybersecurity during this Covid-19 gets heightened attention. Everyone has part to play, a crucial role when navigating the internet and cyberspace. Here are some steps that businesses and individuals can take:

Guidance for businesses:

  • Have strong tools to safeguard employees and infrastructure. This means looking into multi-layered defense systems and turning on multi-factor authentication (MFA) as employees work from home. Additionally, enable endpoint protection and protect against shadow IT and unsanctioned app usage with solutions like Microsoft Cloud App Security.
  • Ensure employee guidelines are communicated clearly to employees. This includes information on how to identify phishing attempts, distinguishing between official communications and suspicious messages that violate company policy, and where these can be reported internally
  • Choose a trusted application for audio/video calling and file sharing that ensures end-to-end encryption

Guidance for individuals:

  • Update all devices with the latest security updates and use an antivirus or anti-malware service. For Windows 10 devices, Microsoft Defender Antivirus is a free built-in service enabled through settings
  • Be alert to links and attachments, especially from unknown senders
  • Use multi-factor authentication (MFA) on all accounts. Now, most online services provide a way to use your mobile device or other methods to protect your accounts in this way
  • Get educated on how to recognize phishing attempts and report suspected encounters, including watching out for spelling and bad grammar, and suspicious links and attachments from people you do not know

As we heading into a new era of digital workplace transformation in the very near future, our level of cybersecurity knowledge and awareness has to be increased and widen. More changes to information technology, social media and future of work are taking place now and coming to us at a fast and furious pace.

Do share the importance of cybersecurity with your loved ones, family, relatives and friends.

For more information on the Security Endpoint Threat Report findings, please visit https://www.microsoft.com/securityinsights

* Information and pictures courtesy of Microsoft Singapore and Edelman *

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.