H1 2021: Kaspersky foils over 2K mobile malware per day in SEA

Global cybersecurity company underlines mobile threat is now a concern for enterprises and employees alike amidst the continuing remote work

23 August 2021 – As the pandemic continues to grip countries in Southeast Asia (SEA), more workers are expected to set-up their remote office environment, if not continue to work virtually. This trend keeps the population safer physically, but also open vulnerabilities against enterprises.

Global cybersecurity company Kaspersky has detected and blocked 382,578 mobile attacks against users in SEA during the first half of 2021. This is a 14% increase compared with the same period last year with 336,680 incidents. The mobile attacks detected and blocked covers the general Kaspersky users from the region.

Even though the Bring Your Own Device (BYOD) has been a trend before the pandemic, its use have increased exponentially since 2020 as companies adapted their IT infrastructure for business continuity. This, in turn, increased employee’s role in a company’s network security.

A survey done by Kaspersky last year revealed that a little more than two-thirds of respondents are using a personal device to work from home. Aside from this, employees are also using their work gadgets for personal activities such as watching video and educational content, reading news, and playing video games.

Most interestingly, 33% of the 6,017 employees surveyed worldwide last year admitted to using their office devices to watch adult content, a type of content that is often targeted by cybercriminals.

“Laptops are the main workhorse but mobile devices have also been used to access office emails and work-related systems even before the pandemic. It is a risky but a known practice that these same handsets are also being utilised for personal tasks and accessing guilty pleasures. With this trend being more rampant in a virtual home office, companies should revisit their policies, access rights, and security set-up to block cybercriminals from entering their enterprise network through infected smartphones,” comments Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

Mobile malware refers to malicious software specifically targeted to infect mobile devices including handsets, tablets, and other smart gadgets. While mobile malware hasn’t quite caught up to its PC counterpart in terms of volume or complexity, experts are seeing more mobile-specific malware designed to prey on smartphone features or tablet vulnerabilities.

In the continuing era of remote work, a mobile malware can steal individual’s personal data but also be a launchpad for a targeted attack against a user’s employer.

Since 2020, Kaspersky’s telemetry has been monitoring and blocking no less than a hundred thousand mobile malware attacks in SEA per quarter. The first three months of 2021 logged the highest number since last year with 205,995 detected incidents.

Indonesia logged the highest number of foiled mobile attacks from January 2020 to June 2021 followed by Malaysia and Thailand. Indonesia also ranked 3^rd in terms of mobile malware detected in the second quarter of the year. Russia and Ukraine took the first and second spot while India and Turkey landed in 4^th and 5^th place.

In terms of the percentage of users attacked by mobile malware, 4.42% users in Malaysia were targeted during the first half of the year, followed by Thailand (4.26%) and Indonesia (2.95%). Singapore is quite close with 2.83% of mobile users almost infected by this type of threat. The Philippines (2.27%) and Vietnam (1.13%) logged the lowest percent during this period.

The three most common mobile threats in SEA include:

• Trojans – malicious programs that perform actions which are not authorized by the user. They delete, block, modify or copy data, and disrupt the performance of computers or computer networks.
• Trojan-Downloader – downloads and installs new versions of malicious programs, including Trojans and AdWare on victim computers. Once downloaded from the Internet, the programs are launched or included on a list of programs which will run automatically when the operating system boots up.
• Trojan-Dropper – programs that are designed to secretly install malicious programs built into their code to victim’s computers. This type of malicious program usually save a range of files to the victim’s drive, and launches them without any notification (or with fake notification of an archive error, an outdated operating system version, etc.).

“Both employees and CIOs in the region are embracing the current remote work and the future hybrid environment. It has its perks but its cybersecurity loopholes should be taken considerably. BYOD is here to stay and companies should take steps to beef up their defenses. It is important to train their employees regularly, keep them informed about the latest threats online, and provide them with tools such as encrypted devices, endpoint protections and VPN. Most importantly, build a culture of trust and shared responsibility towards enterprise security,” adds Yeo.

Kaspersky experts also suggest the following tips for enterprises to better protect their networks and devices against cybercriminals:

• Ensure your employees have all they need to securely work from home and know who to contact if they face an IT or security issue.
• Schedule basic security awareness training for your employees. This can be done online and cover essential practices, such as account and password management, email security, endpoint security and web browsing. Kaspersky and Area9 Lyceum have prepared a free course to help staff work safely from home.
• Take key data protection measures including switching on password protection, encrypting work devices and ensuring data is backed up.
• Ensure devices, software, applications and services are kept updated with the latest patches.
• Install proven protection software, such as Kaspersky Endpoint Security Cloud, on all endpoints, including mobile devices, and switch on firewalls.
• Ensure you have access to the latest threat intelligence to bolster your protection solution.
• Double-check the protection available on mobile devices. For example, it should enable anti-theft capabilities such as remote device location, locking and wiping of data, screen locking, passwords and biometric security features like Face ID or Touch ID, as well as enable application controls to ensure only approved applications are used by employees.

While there is a lot of responsibility on employers to keep corporate devices and networks secure, Kaspersky is also offering the following recommendations for consumers and workers during their time at home:

• Ensure your router supports and works smoothly when transmitting Wi-Fi to several devices simultaneously, even when multiple workers are online and there is heavy traffic (as is the case when using video conferencing).
• Regularly update your router to avoid potential security issues.
• Set up strong passwords for your router and Wi-Fi network.
• If you can, only do work on devices provided by your employer. Putting corporate information on your personal devices could lead to potential security and confidentiality issues.
• Do not share your work account details with anybody else, even if it seems a good idea at the time.
• Always feel able to speak to your employer’s IT or IT security team if you have any concerns or issues while working from home.
• Follow the rules of cyberhygiene: use strong passwords for all accounts, do not open suspicious links from emails and IMs, never install software from third-party markets, be alert and use reliable security solution such as Kaspersky Total Security.

On a lighter note, now can get a special discount for Employee Purchase Program, please refer to our website for more information https://www.tech-titan.com/project/kasperskyemp/ .