
Asians beware! Ransomware is travelling East

Zafar Anjum | June 25, 2014
In this interview, Tim Rains, Director of Trustworthy Computing, Microsoft, explains how ransomware is traveling East and how Asian users can safeguard themselves from falling victim to this malware.

Tim Rains, Director of Trustworthy Computing, Microsoft

In late May this year, Microsoft came out with a security report that made a bold declaration: deception is now the favourite tactic of cybercriminals.

The report identified deceptive downloads as a threat in 95% of the countries/regions where data had been gathered. It described deceptive downloads as the bundling of malware with legitimate downloadable content to lure victims. Examples of such legitimate content would be software, music or videos found online.

With regard to Singapore, the report cited Rotbrow, Brantall, and Obfuscator as the top three deceptive threats during Q4 2013.

Microsoft's cyber security report was based on data gathered from more than a billion systems across 110 countries and regions. Data gathering took place during the second half of 2013.

At Microsoft's headquarters in Redmond in early June, Tim Rains, Director, Trustworthy Computing, Microsoft, said that reliance on deception tripled in the last quarter of 2013. However, there has been a 70% decrease between 2010 and 2013 in severe vulnerabilities exploited in Microsoft products.

But the bad news, according to Rains, is that ransomware is here (like someone sending you an email pretending to be your local police or immigration officer), and it is traveling East, from Russia and Kazakhstan. So, beware Asian users!

Rains and his team see a lot of worm activity in Asia. The good news, at least for Singapore, is that Singapore has a low malware encounter rate compared to other countries: 10 percent against the average of 22 percent worldwide.

While discussing the cybersecurity report, I had the opportunity to ask Rains some detailed questions about malware activity in general and ransomware in particular. Here are his answers:

There was a 70% reduction in exploits that target the most severe vulnerabilities in Microsoft products between 2010 and 2013. What led to these reductions?

Rains: Newer versions of software include the latest in security innovations and advancements which make it more difficult and costly for cybercriminals to exploit vulnerabilities. Increased adoption of newer software has likely been a major factor in the declining trend of new exploits against severe vulnerabilities in Microsoft products over the past three years.

Last year, Microsoft discovered that cyber criminals were relying more on deception. How long could this trend last?

Rains: As long as this tactic is effective, cybercriminals will likely continue to use it. That's why greater awareness of these tactics is important and can help make it harder for cybercriminals to be successful. In the last six months of 2013, we saw cybercriminals increasingly relying on deception. One of the most dominant deceptive techniques used worldwide during that time frame was deceptive downloads. Deceptive downloads is a tactic whereby cybercriminals will bundle malware with legitimate programs such as software, videos or music downloaded online. Typically these downloads are on untrusted sites and come with enticing offers. One of the most common bundles of deceptive software in the 4th quarter of 2013 - Rotbrow - contained malicious software. This software started out legitimate and then turned malicious months later and distributed known malware. This tactic will likely be used in the future by cybercriminals. There are some best practices which can help protect against deceptive downloads:

  • When downloading or obtaining software, audio or video files, do so from a trusted source.
  • Get the latest computer updates for all your installed software.
  • As a best practice, we recommend using Internet Explorer with SmartScreen enabled, which can help protect users from malicious downloads.

 
