Malware, ransomware top cyberthreats in India: Microsoft report

Topics cybercrimes | Malware | Microsoft

The malicious code that is downloaded is then used by an attacker to steal passwords or financial information

India experienced a higher encounter rate for malware and ransomware attacks than the regional average in Asia Pacific last year, according to the latest edition of Microsoft's Security Endpoint Threat Report.

India registered the seventh highest malware encounter rate across the region, at 5.89 per cent in the past year, showed the India findings of the report released on Wednesday.

This was 1.1 times higher than the regional average.

The report also found that India recorded the third highest ransomware encounter rate across the region, which was two times higher than the regional average.

This was despite a 35 per cent and 29 per cent decrease in malware and ransomware encounters respectively over the past year.

"Typically, high malware encounters are a result of excessive usage of unlicensed and/or pirated software, and proliferation of sites that illegitimately offer free software or content, such as video streaming," Keshav Dhakad, Group Head & Assistant General Counsel -- Corporate, External & Legal Affairs, Microsoft India, said in a statement.

"Consumer education is important -- users should regularly patch and update programmes and devices and be able to identify unsafe websites and illegitimate software."

India's cryptocurrency mining encounter rate showed a 35 per cent decrease from 2018 but was still 4.6 times higher than the regional and global average, and India recorded the second highest encounter rate in Asia Pacific after Sri Lanka, according to the report.

During such attacks, victims' computers are infected with cryptocurrency mining malware, allowing criminals to leverage the computing power of their computers without their knowledge.

The research showed that India, together with Hong Kong and Singapore, continued to face high drive-by download attack volume.

These attacks involve downloading malicious code onto an unsuspecting user's computer when they visit a website or fill up a form.

The malicious code that is downloaded is then used by an attacker to steal passwords or financial information.

India recorded a 140 per cent increase in such attack volume last year. Together with key financial hubs, Singapore and Hong Kong, India experienced an attack volume that was three times higher than the regional and global average.

The findings were derived from an analysis of diverse Microsoft data sources, including 8 trillion threat signals received and analysed by Microsoft every day, covering a 12-month period, from January to December 2019.

Since the outbreak of Covid-19, Microsoft Intelligence Protection team's data has shown that every country in the world has seen at least one Covid-19 themed attack, and the volume of successful attacks in outbreak-hit countries seems to be increasing, as fear and the desire for information grows.

Of the millions of targeted phishing messages seen globally each day, roughly 60,000 include Covid-19 related malicious attachments or malicious URLs.

Attackers are impersonating established entities like the World Health Organization (WHO) and US Centers for Disease Control and Prevention (CDC) to get into inboxes.

"According to our data, we found that Covid-19 themed threats are mostly retreads of existing attacks that have been slightly altered to tie to the pandemic," Dhakad said.

"This means that attackers have been pivoting their existing infrastructure, like ransomware, phishing, and other malware delivery tools, to include Covid-19 keywords, to capitalise on people's fear. Once users click on these malicious links, attackers can infiltrate networks, steal information and monetise their attacks."



(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)

Dear Reader,

Business Standard has always strived hard to provide up-to-date information and commentary on developments that are of interest to you and have wider political and economic implications for the country and the world. Your encouragement and constant feedback on how to improve our offering have only made our resolve and commitment to these ideals stronger. Even during these difficult times arising out of Covid-19, we continue to remain committed to keeping you informed and updated with credible news, authoritative views and incisive commentary on topical issues of relevance.

We, however, have a request.

As we battle the economic impact of the pandemic, we need your support even more, so that we can continue to offer you more quality content. Our subscription model has seen an encouraging response from many of you, who have subscribed to our online content. More subscription to our online content can only help us achieve the goals of offering you even better and more relevant content. We believe in free, fair and credible journalism. Your support through more subscriptions can help us practise the journalism to which we are committed.

Support quality journalism and subscribe to Business Standard.

Digital Editor

Business Standard is now on Telegram.
For insightful reports and views on business, markets, politics and other issues, subscribe to our official Telegram channel