Asia Pacific was heavily hit by cyber attacks during the first six months of the year, taking more attacks than other regions in most threat categories, according to Trend Micro.
Globally, Trend Micro detected 82 million ransomware threats and found that on average, 28 new ransomware families were created every month. The company also blocked more than 3,000 BEC attempts; and discovered and disclosed 382 new vulnerabilities.
In the meantime, a new trend of cyberpropaganda reared its head in 2017 – cybercriminals started selling tools and services that helped create fake content, boost social media reach, and buy votes that can directly influence elections.
Connected devices continue to be a problem too. In April, Trend Micro discovered the Persirai botnet targeting more than 1,000 Internet Protocol (IP) camera models. The company also found more than 83,000 exposed industrial routers and 28 exposed industrial robots.
Out of the 82 million ransomware threats blocked, those targeting APAC entities accounted for 35.7% of all, the highest of all regions. This is followed by EMEA (25.24%), Latin America (22.66%), and North America (15.71%).
The successive successes of WannaCry and Petya attacks reinforced the need for consistent patching for enterprises across all industries. Despite Microsoft releasing a patch in March for the vulnerability CVE-2017-0144 or EternalBlue, which WannaCry and Petya exploited, the attacks still infected thousands of computers in April and in June.
Other noteworthy ransomware families that surfaced in the first half of the year included new variants of Cerber, an infamous ransomware now armed with anti-machine-learning capabilities; Patcher, which affected the MacOS; and the mobile ransomware SLocker.
In the first six months of the year, more than 436 million malware detections were observed in the APAC region, surpassing the numbers in all other regions by a huge margin. APAC is followed by North America (324 million) and EMEA (169 million). The top three malware found in the region are DocDrop, DOWNAD, and WannaCry. The most hit countries in the region are Japan, Australia, and Taiwan.
As industrial IoT devices continue to mushroom in APAC, the number of supervisory control and data acquisition (SCADA) system vulnerabilities is also increasing, providing fodder for malware attacks. Based on the findings from the Trend Micro’s Zero Day Initiative program, there exist malware specially made to target these connected systems.
APAC also leads in the number of detections for online banking malware in the first half of the year, culminating in more than 118,193 malware discovered and blocked, four times more than EMEA (24,798) and five times more than North America (20,888). Japan, China, and Vietnam encountered most of the attacks.
Trend Micro also found that more than 47 million malicious mobile apps were downloaded by users in APAC, much more than those from other regions. For instance, EMEA users downloaded 30 million such apps; the numbers are even lower in North America (eight million) and Latin America (six million).
Exploit kits are another prominent threat in the APAC region, with a total of 556,542 detected within the six months, more than quadrupling the second place – North America (120,470).
The most distributed exploit kits for the first six months in APAC are Rig, Magnitude, Sundown, and Nebula. Exploit kits normally target popular software such as AdobeFlash, Java, and Microsoft Silverlight. In 2017, connected industrial systems became a popular target for exploit kits too. Some of them can be used to deliver ransomware, such as Rig, Magnitude, and Sundown.
First published in Networks Asia