India sees second highest drive-by download attacks in Asia Pacific region in 2019, says Microsoft
New Delhi: India ranked second, behind Singapore, in terms of ‘drive-by download’ attack volume in the Asia-Pacific region in 2019, according to a report by Microsoft.
‘Drive-by download’ attacks involve downloading malicious code onto an unsuspecting user’s computer when they visit a website or fill up a form. The malicious code is then used by the attacker to steal passwords, financial information and intellectual property.
While the volume of such attacks in the Asia-Pacific region declined 27 per cent from 2018, India moved from the 11th position to the second spot (with 140 per cent increase), the report titled ‘Microsoft Security Endpoint Report 2019’ said.
Together with key financial hubs, Singapore and Hong Kong, India experienced an attack volume that was three times the regional and global average, it said.
Microsoft India Group Head and Assistant General Counsel (Corporate, External and Legal Affairs) Keshav Dhakad said in a virtual briefing that cyber hygiene and usage of genuine software prevent systems from getting compromised.
The findings of the report are derived from an analysis of diverse Microsoft data sources, including eight trillion threat signals received and analysed by the company every day, covering a 12-month period, from January to December 2019.
According to the report, Asia-Pacific (APAC) continued to experience a higher-than-average encounter rate for malware and ransomware attacks—1.6 and 1.7 times higher than the rest of the world, respectively.
“India registered the 7th highest malware encounter rate across the region, at 5.89 per cent in the past year. This was 1.1 times higher than the regional average,” it said.
The report added that India recorded the third highest ransomware encounter rate across the region, which was two times higher than the regional average.
This was despite a 35 per cent and 29 per cent decrease in malware and ransomware encounters, respectively, over the past year, it added.
Your computer may be used for cryptocurrency mining
India also recorded the second-highest cryptocurrency mining encounter rate in Asia-Pacific after Sri Lanka, even though the encounter rate declined 35 per cent from 2018, the report said.
During such attacks, victims’ computers are infected with cryptocurrency mining malware, allowing criminals to leverage the computing power of their computers without their knowledge.
COVID a catch word used in attacks
Talking about trends around COVID-19, Dhakad said that of the millions of targeted phishing messages seen globally each day, roughly 60,000 include COVID-19-related malicious attachments or malicious uniform resource locators (URLs).
Attackers are impersonating established entities like the World Health Organisation (WHO), Centers for Disease Control and Prevention (CDC), and the Department of Health to get into inboxes. “They have been pivoting their existing infrastructure, like ransomware and phishing, to include COVID-19 keywords, to capitalise on people’s fear,” he said.
Cyber hygiene and cyber security
Dhakad said while overall cyber hygiene in India has improved, there is more to be done.
“Typically, high malware encounters are a result of excessive usage of unlicensed and/or pirated software, and proliferation of sites that illegitimately offer free software or content, such as video streaming,” he added.
What you can do
Dhakad said individuals should update all devices with the latest security updates and use an antivirus or anti-malware service and should stay alert about the links and attachments in all forms of communication, e-mail, social media or chats, especially from unknown senders.
They should also use multi-factor authentication on all accounts and be educated on how to recognise phishing attempts and report suspected encounters, including watching out for spelling and bad grammar, and suspicious links and attachments from people they do not know, he added.
What businesses can do
He suggested that businesses have strong tools to safeguard employees and infrastructure and ensure employee guidelines are communicated clearly to the staff. Also, they should choose a trusted and a unified communication and collaboration application for audio/video calling, team collaboration, and file sharing that ensures end-to-end encryption.