Navigating Asia Pacific’s cyberthreat landscapeCybersecurity remains a top priority in today’s interconnected world. Microsoft shares trends in endpoint threats across developing and developed markets in Asia, based on analysis of over 8 trillion threat signals daily from January to December 2019, and guidance for staying cybersafe in today’s evolving landscape.

SECURITY ENDPOINT THREAT REPORT 2019SECURITY ENDPOINT THREAT REPORT 2019

The research covered a total of 15 markets, including developing markets China, India, Indonesia, Malaysia, Philippines, Sri Lanka, Thailand, Vietnam; and developed markets Taiwan, Singapore, New Zealand, Korea, Japan, Hong Kong, Australia.Markets were categorized with reference to International Monetary Fund’s World Economic Database, October 2018.

Lorem ipsum

EVOLVING CYBERTHREATS IN ASIA PACIFIC

GUIDANCE FROM MICROSOFT

MALWARECode developed by cyber attackers, designed to cause extensive damage to data and systems or to gain unauthorized access to a network

Cybercriminals remain focused on attacking countries with lower levels of cyber awareness and high usage of

unlicensed and/or pirated software, and sites that illegitimately offer free software or content .

Malware encounter rate across Asia Pacific

5.34%23% from 2018

123

Japan

New Zealand

Australia

Highest encounter rate

123

Indonesia

Sri Lanka

Vietnam

Lowest encounter rate

RANSOMWAREMalicious software that disables a device or its files until the attacker is paid a ransom

Ransomware encounter rate across Asia Pacific

0.05%29% from 2018

Even with a slowdown in ransomware encounters, cyber attackers are shifting their efforts to customized

campaigns targeting specific geographical areas, industries and businesses.

123

Vietnam

Indonesia

India

123

Japan

New Zealand

Australia

Highest encounter rate Lowest encounter rate

Malware introduced into an unsuspecting user or organization’s machine(s), which then uses the machine’s computing power to mine cryptocurrency

Cryptocurrency mining encounter rate across Asia Pacific

0.05%64% from 2018

Cryptocurrency mining trends acrossdeveloped vs developing countries

123

Japan

Australia

China

CRYPTOCURRENCYMINING

While recent fluctuations in cryptocurrency value and the increased time required to generate cryptocurrency have

resulted in attackers refocusing their efforts, cyber attackers are continuing to target countries with low user awareness and low adoption of cyber hygiene practices .

123

Sri Lanka

India

Vietnam

Highest encounter rate Lowest encounter rate

Unintentional download of malicious code to a device when the user visits a website, aimed at exploiting vulnerabilities in web browsers, applications, or even the operating system

Drive-by download attack volume across Asia Pacific

0.08*27% from 2018

Drive-by download trends acrossdeveloped vs developing countries

123

New Zealand

Korea

Philippines

DRIVE-BYDOWNLOAD

Cybercriminals remain focused on stealing financial information or intellectual property. This has resulted in

the highest attack volume occurring in key financial hubs.

123

Singapore

Hong Kong

India

Highest attack volume Lowest attack volume

*Average volume of drive-by-download pages detected for every 1,000 pages indexed by Bing

THREATS MICROSOFT IS SEEING SINCE COVID-19

Many of the compromises that enabled these attacks existed earlier – multipleransomware groups have

been accumulating access and maintaining persistence

on target networks for several months

Attackers had been silently waiting to monetize their

ransomware attacks tomaximize financial gains

Attacks have affected aid organizations, medical billing

companies, manufacturing, transport, government

institutions, and educational software providers

The attacks all used the same techniques – credential theft

and lateral movement – culminating in the

deployment of a ransomware payload of the attackers’

choice

DO

DO

DO

DO

SAFEGUARD employees with strong tools and infrastructure

SET UP multi-factor authentication (MFA)as employees work from home

INCLUDE end-to-end encryption on trusted applications for audio/video calling and file sharing

INDIVIDUALS

GUIDE employees on how to identify phishing attempts and suspicious messages

INSTALL an antivirus service on computing devices

UPDATE all devices with the latest security updates

WATCH OUT for malicious or compromised websites

AVOID pirated software

RECOGNIZE and report suspected attack attempts

DO

DO

DO

DO

DO

VERIFY all links and attachments before opening themDO

ORGANIZATIONS