The Philippines slipped two notches down from its previous ranking in the latest top 10 global list of countries with the most web-borne threats based on a report from cybersecurity company Kaspersky.
In the 2020 Kaspersky Security Network (KSN) report, it showed that Kaspersky solutions installed in computers of Filipino users detected 44,420,695 different internet-borne threats last year. The report also revealed that more than four-in-10 (42.2%) of online users in the country were almost infected with web threats in 2020, putting the country at 6th place globally.
Top 10 global list
The number of web threats in the country is about 37.19% more in 2020 compared to 27,899,906 web threats (44.4%) detected in 2019, placing the country 4th overall in that year.
Web threats are attacks via browsers which is the basic method for cybercriminals to spread their malicious programs.
Kaspersky experts observed two noticeable trends behind the change of percentage users attacked by web threats, not just in the Philippines, but for countries all over the world:
- The number of users that encounter web miners has been reduced by one and a half times. A Trojan miner like Trojan.Script.Miner.gen is an example of a web-mining malware that is used by cybercriminals to secretly mine cryptocurrencies using someone’s computing power and electricity.
- The number of users that encounter web skimmers has increased by about 20%. Web skimmers (sometimes referred to as sniffers) where scripts are embedded by attackers in online stores to steal credit card data of customers from websites.
According to Kaspersky, the top five sources of web threats in the Philippines as well as in other countries in the region and elsewhere in the world are the following:
- Internet browsing. In the vast majority of cases, malware in web traffic is found during browsing scenarios
—when an internet user visits an infected site or an online advertisement performs an unfair action.
- Unintentional downloads of certain programs (or files) from the internet
- Email attachments. Downloading of malicious attachments from online email services
- Browser extensions activity. A browser extension is a plugin for a web browser that adds certain functions and features to it used for productivity, customization, shopping, games, etc. Examples of extensions are those that block ads on web pages, translate text between languages or add pages to a third-party bookmark service. Extensions can be malicious or dangerous because these come from third-party websites which collect data to sell to other entities later.
- Downloads of malicious components or communications with control and command (C&C) servers performed by other malware. A C&C server helps a fraudster to control a botnet (a network of hijacked computer devices used to carry out various scams and cyberattacks) and sends malicious commands to its members, regulate spyware, send payload, etc.
Globally, the Philippines’s 2020 ranking in local threat detections also went down by one mark from 2019. With 44,541,812 local incidents blocked on computers of Kaspersky users in the Philippines, it is currently at 62nd place from its 61st place in 2019 when it had 47,443,112 incidents.
Statistics from the report also showed that more than four-in-10 (47.4%) of Filipino internet users were attempted to be attacked with local threats in 2020 compared to almost six-in-10 (56.90%) users who were affected in 2019.
Local threats are basically local infections where users are attacked by malware spread through “offline” methods such as removable USB drives, CDs, and DVDs.
“One thing that all of us would remember very well about 2020 other than COVID-19 was the shift of major tasks online – mostly within the confines of our homes. It is now a common scenario to see working parents juggle work and assisting kids with their online classes. The stress of finding balance has understandably affected each of us emotionally and psychologically, which created the best scenario for cybercriminals to exploit the situation,” says Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.
“Last year, we saw several incidents of scams and social engineering tactics aimed at tricking the human mind to steal money or information, using buzzwords related to COVID-19. Avoiding such requires a lot of calmness and vigilance, which is a tough one to have amidst the chaos that is the pandemic,” he adds.
“The pandemic has blurred the lines between corporate defenses and home security. Remote work, online classes, digitalization across all sectors will continue, at least for 2021. It is high time for enterprises of all shapes and sizes to understand that online threats against individuals should now be considered as risks against companies. We need to remember that cybercriminals never sleep. Hence, our security solutions should be automated, intelligence-based, and proactive,” adds Yeo.
For companies observing remote work, Kaspersky experts have the following tips to help employers and businesses stay on top of any potential IT security issues and remain productive while staff are working from home:
- Ensure your employees have all they need to securely work from home and know who to contact if they face an IT or security issue.
- Schedule basic security awareness training for your employees. This can be done online and cover essential practices, such as account and password management, email security, endpoint security and web browsing.
- Take key data protection measures including switching on password protection, encrypting work devices and ensuring data is backed up.
- Ensure devices, software, applications, and services are kept updated with the latest patches.
- Install proven protection software on all endpoints, including mobile devices, and switch on firewalls. Small and midrange enterprises can also opt to use a Kaspersky Endpoint Detection and Response Optimum to boost their defences against complex threats.
- Ensure you have access to the latest threat intelligence to bolster your protection solution. For example, Kaspersky offers a free COVID-19-related threat data feed.
- Double-check the protection available on mobile devices. It should enable anti-theft capabilities such as remote device location, locking and wiping of data, screen locking, passwords and biometric security features like Face ID or Touch ID, as well as enable application controls to ensure only approved applications are used by employees.
- In addition to physical endpoints, it is important to protect cloud workloads and virtual desktop infrastructure.
For users, here the top online security tips for home and home-based learning:
- Ensure your router supports and works smoothly when transmitting WIFI to several devices simultaneously, even when multiple workers are online and there is heavy traffic (as is the case when using video conferencing)
- Regularly update your router to avoid potential security issues.
- Set up strong passwords for your router and WIFI network.
- If you can, only do work on devices provided by your employer. Putting corporate information on your personal devices could lead to potential security and confidentiality issues.
- Do not share your work account details with anybody else, even if it seems a good idea at the time.
- Always feel able to speak to your employer’s IT or IT security team if you have any concerns or issues while working from home.
- Follow the rules of cyberhygiene: use strong passwords for all accounts, do not open suspicious links from emails and IMs, never install software from third-party markets, be alert, and use reliable security solution.