Connect with us

Hi, what are you looking for?

HEADLINES

PH slides to top 4 in Kaspersky’s new global ranking of countries most targeted by online threats

The country moved two spots down to fourth place worldwide among countries most targeted by malicious files from the internet and phishing websites. It looks like a positive development but Kaspersky is strongly advising against dropping the armor.  

In 2023, web threats targeting the Philippines were about two percent less (48%) than in 2022 (49.8%), according to the latest Kaspersky Security Network (KSN) report. With this new data, the country moved two spots down to fourth place worldwide among countries most targeted by malicious files from the internet and phishing websites. It looks like a positive development but Kaspersky is strongly advising against dropping the armor.  

“There are two things that could explain the drop in web threats, albeit slightly. First is that we see the country is slowly making headway in cybersecurity. We classify the Philippines to be in the intermediate group of countries that are identifying cyberattacks and making efforts to implement rules. The second one and this we have to seriously take note, is that cybercriminals are continuously taking other attack routes that might be off the radar. One trend that we consistently have been seeing lately is their preference for targeted attacks instead of the spray and pray method,” said Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky. 

“Complacency, however, is still not an option. Cybercriminals continue to develop their tools and techniques. They actually surprise cybersecurity experts all the time. Our mindset should be how to be able to hunt threats before they could cause harm and damage. At this point, I recommend that we should be talking more about threats as we proactively learn to detect and respond to them. This is where threat intelligence comes in handy,” added Yeo.  

Web or online threats are attacks through browsers which are also cybercriminals’ tried and tested way to spread malware. It can easily be done with or without the involvement of the victim. 

Advertisement. Scroll to continue reading.

A web attack with victim participation is done through social engineering. The victim is tricked into doing something that jeopardizes their personal security or the security of the organization they work for. The objective is to get the victim to respond by clicking an infected email attachment, a compromised website, or responding to a fake unsubscribe notice, among others.  Last year’s data breaches involving a government agency and an e-wallet company, which were each reportedly traced to phishing, are examples of this type of web threat. 

An attack requiring no victim involvement is through drive-by downloads. By simply visiting a compromised website, their device gets infected automatically (and silently) particularly if they failed to apply a security update to one of their apps. This method is used in most web attacks.

In the recent global ranking, the Philippines came behind Mongolia (51.8%), Moldova (48.9%) and Greece (48.8%). Since 2019, the country has consistently been in the top 10 ranking countries. 

Among Southeast Asian countries, the Philippines is trailed by Malaysia with the overall percentage of users attacked by web-borne threats from January to December 2023. 

To stay protected, Kaspersky recommends users the following: 

  • Do not download and install applications from untrusted sources 
  • Do not click on any links from unknown sources or suspicious online advertisements 
  • Create strong and unique passwords, including a mix of lower case and upper case letters, numbers, and punctuation, as well as activating two-factor authentication 
  • Always install updates
  • Ignore messages asking to disable security systems for office or cybersecurity solution 
  • Use a robust cybersecurity solution appropriate to your system type and devices 

For organizations, Kaspersky recommends the following:

  • Always keep software updated on all the devices to prevent attackers from infiltrating network by exploiting vulnerabilities 
  • Use strong passwords to access corporate services. Use multi-factor authentication for access to remote services 
  • Choose a proven endpoint cybersecurity solution for business that is equipped with behaviors-based detection and anomaly control capabilities for effective protection against known and unknown threats 
  • Use dedicated set of effective endpoint protection, threat detection and response products to timely detect and remediate even new and evasive threats 
  • Use the latest threat intelligence information to empower your security experts

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

White Papers

When compared to 2023, Sophos saw a 51% increase in abusing “Living off the Land” binaries or LOLbins; since 2021, it’s increased by 83%.

HEADLINES

Someone illegally acquires or uses personal information such as bank account or credit card numbers of another person to obtain money, goods or services....

HEADLINES

To stay ahead of these challenges, organizations need to invest in AI-driven defenses, transition to quantum-safe encryption, and adopt a Zero Trust approach to...

HEADLINES

There was a 121% Year-on-Year (YoY) increase in identity fraud in 2024 across the region, with significant surges recorded in Singapore (207%), Thailand (206%)...

HEADLINES

As part of RCBC’s 2024 Cybersecurity literacy program, the webinar aims to help Filipinos level up their online banking safety by providing them with...

White Papers

The survey found that CXO’s feel less prepared than their global peers. Less than half or 48% in APAC said they felt completely prepared...

HEADLINES

On average, a single organization in the Philippines experiences 4,003 attacks per week, significantly higher than the APAC average of 2,870 attacks per week.

White Papers

Exploiting this vulnerability, cybercriminals craft deceptively authentic phishing emails that align with current trends, exploiting human emotions to invoke urgency and trick recipients into...

Advertisement