Developing APAC remained hotbed of ransomware, malware attacks in 2019

Asia Pacific continued in 2019 to experience a higher-than-average encounter rate for malware and ransomware attacks — 1.6 and 1.7 times higher respectively than the rest of the world, according to the Microsoft Security Endpoint Threat report

Findings were derived from an analysis of diverse Microsoft data sources, including 8 trillion threat signals received and analysed by Microsoft every day in 2019.

This is despite a 23% and 29% overall decline across these two threat vectors when compared to the 2018 findings.

The research revealed that developing countries, including Indonesia, Sri Lanka, India, and Vietnam, were most vulnerable to malware and ransomware threats in 2019.

“Often, high malware encounters correlate with both piracy rates and overall cyber hygiene, that includes regular patching and updating of software,” said Mary Jo Schrade, assistant general counsel of Microsoft Digital Crimes Unit at Microsoft Asia.

“Countries that have higher piracy rates and lower cyber hygiene tend to be more severely impacted by cyberthreats,” said Schrade. “Patching, using legitimate software, and keeping it updated can decrease the likelihood of malware and ransomware infections.”

The research identified that countries with lower piracy rates and stronger cyber hygiene practices have witnessed a significant decline in attacks. Specifically, malware and ransomware threat encounter rates in Japan, New Zealand, and Australia, were three to six times lower than the regional average.

India, Indonesia, and Sri Lanka recorded the highest cryptocurrency mining encounters in Asia last year. On the other hand, declining encounter rates were recorded in as Hong Kong, Japan and Singapore. Schrade said recent fluctuations in the value of cryptocurrency and the increased time required to generate it had perhaps led to them focusing on other forms of cybercrime.

The Drive-by download attack volume in Asia Pacific has converged with the rest of the world at 0.08, following a 27% decline from 2018.

These attacks involve downloading malicious code onto an unsuspecting user’s computer when they visit a website or fill up a form. The malicious code that is downloaded is then used by an attacker to steal passwords or financial information.

Despite the general decline in drive-by download attacks across the region, the study found that regional business hubs, Singapore and Hong Kong, recorded the highest attack volume in 2019, over three times the regional and global average.