Hong Kong ranked riskiest country for malware attacks
8 of the 10 countries most exposed to threats are in Asia.
Sophos today released its Security Threat Report 2013, a detailed and interactive assessment of what’s happened in IT security for 2012 and what’s expected for 2013. Based on analyzed traffic, SophosLabs, Sophos’ global network of threat intelligence centers, has ranked the riskiest and safest countries for experiencing a malware attack in terms of the Threat Exposure Rate (TER). TER is measured as the percentage of PCs that experienced a malware attack, whether successful or failed, over a three month period in 2012.
Top 5 Riskiest Countries Rank Country TER* 1 Hong Kong 23.54% 2 Taiwan 21.26% 3 UAE 20.78% 4 Mexico 19.81% 5 India 17.44%
Top 5 Safest Countries Rank Country TER* 1 Norway 1.81% 2 Sweden 2.59% 3 Japan 2.63% 4 UK 3.51% 5 Switzerland 3.81%
"Unprotected computers are vulnerable to different kinds of malware attack. Exposure to the majority, but not all, comes from simply clicking on links in emails or browsing web pages that happen to be carrying malicious code. Although some websites are created with the intention of infecting visitors, legitimate websites continue to be a popular target for cybercriminals, as once they are compromised, they will infect completely unsuspecting internet users," said Sophos.
Here's more from Sophos about what to expect in 2013
While a large proportion of cybercrime continues to be opportunistic, Sophos believes that, in 2013, increased availability of malware testing platforms — some even providing criminals with money back guarantees – will make it more likely for malware to slip through traditional business security systems. As a result, we can expect to see an increase in the number of incidents where attackers have gained and sustained surreptitious access to corporate networks. Additional trends expected in the year ahead include:
• More basic web server mistakes Due to an uptick in credential-based extractions, IT professionals will need to pay equal attention to protecting both their computers as well as their web server environment.
• More “irreversible” malware More attacks will place a greater focus on the need for behavioral protection mechanisms as well as system hardening and backup/restore procedures.
• Attack toolkits with premium features A continued evolution in the maturation of exploit kits, including premium features such as built in scriptable web services, APIs, and malware quality assurance platforms that appear to make access to high quality malicious code even simpler.
• Better exploit mitigation Enhanced exploit mitigation will not mean the end of exploits, instead, the market will see a decrease in vulnerability exploits offset by a sharp rise in social engineering attacks across a wide array of platforms.
• Integration, privacy and security challenges With GPS and near field communication (NFC) becoming more integrated into mobile platforms, expect to see a convergence in our digital and physical lives. This trend is identifiable not just for mobile devices, but for computing in general. In the coming year, watch for new examples of attacks built on these technologies.