From its 11th ranking last 2018, the Philippines climbed to fourth place in Kaspersky’s worldwide ranking of countries with the highest web threat detections from January to December 2019.
Data from the Kaspersky Security Network (KSN) for the past year showed the cybersecurity company’s technologies monitored and prevented nearly 28 million internet-borne attacks against Kaspersky users in the Philippines.
This accounts for 44.40% of Kaspersky users in the country that encountered web threats in 12 months in 2019, where 26.62% were individual users and 7.58% were business users. The Philippines trailed behind the top three countries namely, Nepal, Algeria and Albania.
In Southeast Asia, the Philippines led the top three countries with the highest number of detections followed by Malaysia at 13th and Vietnam at 17th.
Kaspersky said a browser attack is still the top method for infecting web surfers. Users in the Philippines continue to be attempted to be attacked by cybercriminals through popular attack techniques such as drive-by download and social engineering.
Drive-by download happens when an Internet user visits a website that he/she didn’t know is infected and installs malware directly onto the user’s computer. Vulnerable computers are those with operating systems, applications, or web browsers that are not updated which means these contain security flaws.
Attempts to infect computers of Kaspersky users in the Philippines is done through social engineering where a cybercriminal exploits a user’s lack of knowledge. Disguising as friends, families or even as IT support personnel, cybercriminals convince a clueless user to disclose his/her confidential data. With the information, a cybercrook will gain access to multiple networks, infect the user’s computers with malware or prompt the user to open links to infected websites.
Top 5 attack vectors
Ways used by cybercriminals in the Southeast Asian region to install malware into a user’s computer include the following:
- Visiting an infected website or when an online advertisement performs unfair action, such as adware which collects information without the owner’s consent
- Unintentional downloads of certain programs or files from the Internet
- Downloading malicious attachments via email
- Browser extensions activity. Browser extensions are like plugins which add certain features and functions. Examples of extensions are used to block ads on web pages, translate text from one language to another, or add pages to a third-party bookmark services such as Evernote or Pocket.
- Downloading malicious components or communications with control & command (C&C), a server that helps an online fraudster control a botnet and sends malicious commands that eventually would install malware onto a user’s computer. Botnet, short for robot network, is a collection of compromised (hacked) computers running malicious programs that are remotely controlled by cybercriminals.
In the same report, Kaspersky products detected and blocked more than 47 million local incidents on computers of its users in the country. This has pushed the Philippines to slide down to 61st place in 2019 from its 65th place in 2018 in Kaspersky’s worldwide ranking among countries with the highest local infections.
Local infections or threats results from malware spread through removable media such as USBs, CDs, DVDs, and other “offline” methods.
Kaspersky said worms and file viruses, which are usually self-replicating, generally account for such incidents. Attempts of attacks were monitored and prevented against 52.73% of individual Internet users and 20.99% of business users in the Philippines.
Meanwhile, there were only 1.5 million malicious hosting incidents monitored and blocked in Philippine-based servers in 2019 compared to two million in 2018 pulling the country’s global ranking from 35th to 37th.
“As far as web threats are concerned, among the noticeable changes we’ve seen in the region reflect the same scenario worldwide —strong activity of web-miners in the beginning of the year followed by a dropdown. There was also a growth of online skimmers that we’ve recorded. In the case of local threats, the overall situation in SEA is the same — there’s a drop in the number of cryptocurrency miners and a slight decrease in crypto ransomware,” said Yeo Siang Tiong, general manager for Kaspersky Southeast Asia.
“In the Philippines, we believe the stern warnings against the use of cryptocurrencies and the newly enacted law which imposes harsh penalties against bank account fraudsters and credit card skimmers, are among the possible reasons for the changes in numbers. Despite these though, we can’t drop our guards and be complacent. The overall increase in awareness and level of security among individual Internet users and businesses only mean that typical attacks will be more difficult to carry out. And we see that cybercriminals will intensify their efforts towards social engineering tactics more and will veer away from PCs to focus on attacking mobile devices and other internet-connected hardware,” he adds.