PH falls in global ranking for web-borne threats


The Philippines slipped two notches down from its previous ranking in the latest top 10 global list of countries with the most web-borne threats based on a report from cybersecurity company Kaspersky.

In the 2020 Kaspersky Security Network (KSN) report, it showed that Kaspersky solutions installed in computers of Filipino users detected 44.42 million different internet-borne threats last year. The report also revealed that more than four-in-10 (42.2 percent) of online users in the country were almost infected with web threats in 2020, putting the country at 6th place globally.

“The number of web threats in the country is about 37.19 percent more in 2020 compared to 27.89 million web threats (44.4 percent) detected in 2019, placing the country 4th overall in that year,” Kaspersky said.

“Web threats are attacks via browsers, which is the basic method for cybercriminals to spread their malicious programs,” it added.

Making up the top 10 (ranked from No. 1 to 10) are: Nepal, Algeria, Mongolia, Somalia, Belarus, Philippines, Malaysia, Brunei, Rwanda and Kenya.

Kaspersky experts observed two noticeable trends behind the change of percentage users attacked by web threats, not just in the Philippines, but for countries all over the world:

The number of users that encounter web miners has been reduced by 1.5 times. A Trojan miner like Trojan.Script.Miner.gen is an example of a web-mining malware that is used by cybercriminals to secretly mine cryptocurrencies using someone’s computing power and electricity.

The number of users that encounter web skimmers has increased by about 20 percent. Web skimmers (sometimes referred to as sniffers) where scripts are embedded by attackers in online stores to steal credit card data of customers from websites.

According to Kaspersky, the top five sources of web threats in the Philippines as well as in other countries in the region and elsewhere in the world are the following:

1. Internet browsing. In the vast majority of cases, malware in web traffic is found during browsing scenarios – when an internet user visits an infected site or an online advertisement performs an unfair action.

2. Unintentional downloads of certain programs (or files) from the internet

3. Email attachments. Downloading of malicious attachments from online email services

4. Browser extensions activity. A browser extension is a plugin for a web browser that adds certain functions and features to it used for productivity, customization, shopping, games, etc. Examples of extensions are those that block ads on web pages, translate text between languages or add pages to a third-party bookmark service. Extensions can be malicious or dangerous because these come from third-party websites which collect data to sell to other entities later.

5. Downloads of malicious components or communications with control and command (C&C) servers performed by other malware. A C&C server helps a fraudster to control a botnet (a network of hijacked computer devices used to carry out various scams and cyberattacks) and sends malicious commands to its members, regulate spyware, send payload, etc.

Globally, the Philippines’s 2020 ranking in local threat detections also went down by one mark from 2019. With 44.54 million local incidents blocked on computers of Kaspersky users in the Philippines, it is currently at 62nd place from its 61st place in 2019 when it had 47.44 million incidents.

Statistics from the report also showed that more than four-in-10 (47.4 percent) of Filipino internet users were attempted to be attacked with local threats in 2020 compared to almost six-in-10 (56.90 percent) users who were affected in 2019.

Local threats are basically local infections where users are attacked by malware spread through “offline” methods such as  removable USB drives, CDs, and DVDs.

“One thing that all of us would remember very well about 2020 other than Covid-19 (coronavirus disease 2019) was the shift of major tasks online – mostly within the confines of our homes. It is now a common scenario to see working parents juggle work and assisting kids with their online classes. The stress of finding balance has understandably affected each of us emotionally and psychologically, which created the best scenario for cybercriminals to exploit the situation,” said Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

“Last year, we saw several incidents of scams and social engineering tactics aimed at tricking the human mind to steal money or information, using buzzwords related to Covid-19. Avoiding such requires a lot of calmness and vigilance, which is a tough one to have amidst the chaos that is the pandemic,” he added.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.