Sri Lanka, soft target for cyber criminals, says Microsoft
View(s):As the country embarks on ambitious tech projects, more companies are likely to be exposed to attacks than the global average. Even as businesses capitalise on the latest security intelligence and protections to stay ahead in the evolving cyber security landscape, Sri Lanka continues to be an attractive region for cyber criminals according to Microsoft.
The 24th edition of Microsoft’s Security Intelligence Report comprises core insights and key trends derived by sifting through data between January to December 2018 from multiple, diverse sources, including 6.5 trillion threat signals that go through the Microsoft cloud every day. The report, according to a Microsoft media release, is a reflection on last year’s security events and includes an overview of the security landscape, lessons learned from the field, and recommended best practices.
“As cyber- attacks continue to increase in frequency and sophistication, understanding prevalent cyber-threats and how to limit their impact has become imperative,” said Hasitha Abeywardena, Country Manager, Microsoft Sri Lanka and Maldives.
With the rise in value of crypto currency, such as Bitcoin, cyber criminals seeking illicit profits have turned to malware that lets them use victims’ computers to mine crypto currency coins. This approach allows them to leverage the processing power of hundreds of thousands of computers. Even when a minor infection is discovered, the anonymous nature of crypto currency complicates efforts to track down the responsible parties.
The study found that between January to December 2018, the crypto currency mining malware encounter rate—the percentage of computers running Microsoft real-time security products that report a malware encounter—in Sri Lanka was 283 per cent higher than the global average and 229 per cent higher than the Asia Pacific average, the highest encounter rate in the region. The report also found that the encounter rate increased or decreased with the rise or fall in the value of crypto currency.
Many factors have contributed to the increased popularity of mining as a payload for malware. Unlike ransom-ware, crypto currency mining does not require user input: it works in the background, while the user is performing other tasks or is away from the computer, and may not be noticed at all unless it degrades the computer’s performance sufficiently.
According to the study, ransom-ware encounters have decreased by 73 per cent worldwide. However, despite the decline, ransom-ware is still a viable threat in Sri Lanka as the country’s encounter rate was 100 per cent more than the global average.
Although drive-by download encounters globally has decreased by 22 per cent, Sri Lanka experienced approximately 144 per cent more drive-by download attacks than the rest of the world. The highest concentration of drive-by download pages were in Taiwan, Malaysia and Indonesia.
A drive-by download is an unintentional download of malicious code to an unsuspecting user’s computer when they visit a web site. The malicious code could be used to exploit vulnerabilities in web browsers, browser add-ons, applications, and the operating system.
The report also found that the Asia Pacific markets with the lowest malware encounter rates are Japan, Australia and New Zealand. These locations tend to have mature cyber security infrastructures and well-established programmes for protecting critical infrastructure and communicating with their citizens about basic cyber security best practices.