Wednesday, May 11, 2016

Asia is a malware drain according to Microsoft

The last  Microsoft's Security Intelligence Report , referring to 2015 has been just published. The main change of this report has intelligence data from the Microsoft's cloud servers, like the Azure Active Directory or the Office 365 corporate version. Thanks to this data the report can say the 49% of cyberattacks came from Asia, being also this continent the one with more malware on their computers than rest of the world.

The origin of the attacks, according to the Microsoft Security Intelligence Report,
is distributed in the following way: 49% Asia, 20% Latin America, 14% Europe, 13% North America and 4% Africa. Moreover, the most attacked countries by malware are Pakistan, Indonesia, Palestinian territories, Bangladesh and Nepal. The least attacked are Japan, Finland, Norway and Sweden.

Special mention to websites which infect users without their browsers protected. Moldavia leads this ranking, with 12,7 malicious webs by 1000, followed by Cyprus, with 2,6 and Russia, with 1,8. Without leaving malicious websites, it highlight the websites used for phishing to mimic online services, followed by financial institutions webs.

Talking about malware detected on Windows systems, the proportion is  still increasing and in 2015 the average was 17,9% computers reporting malware to Microsoft. However, only in 0,92% of the cases this malware was erased using the Windows free tool, Malicious Software Removal Tool (MSRT).

The most detected malware family on Windows systems on 2015 was the Gamarue worm, distributed usually via exploit kits and social engineering, prevalent on the south of Asia and Mid Orient. It's followed by the Skeeyah, Peals and Dynamer families, affecting in a disproportionate way to Russian and East Europe computers according to the report. Talking about the fearsome ransomware, it's still hard to find it on the Microsoft computers, with low rates (0,16% in the second mid of 2015) but increasing on directed attacks and ransomware-as-a-service kits.

Regarding to exploits, 4 of the 10 most used were exploit kits, being Angler the most common family. Finally, the vulnerabilities are still increasing to alarming levels, growing a 9,4% from the first to the second half of the past year and reaching to more than 3.300 publicly reported vulnerabilities.

Definitively, an interesting report worth take a look. It exists a sum version for hurried people.


Post a Comment