Vitaly Kamluk, director of Kaspersky Lab Research Team in Asia Pacific, discussed how cybersecurity threats evolved over the years at the Cybersecurity Summit 2017 yesterday (3 August). Credit: Adrian M. Reodique
The Philippines is the 8th most attacked country by mobile malware globally in 2016, said Vitaly Kamluk, director of Kaspersky Lab Research Team in Asia Pacific, at the Cybersecurity Summit 2017 on 3 August 2017.
"[Even though] only 15.7 percent of Filipinos were attacked by mobile malware during the first quarter of 2016, the country ended up having 34.97 percent of smartphone users on average who were successfully infected with mobile malware last year," he explained.
Kamluk said the increase in number of malware infections in the Philippines is most likely due to the popularity of cheap Android devices from manufacturers that are slow at providing software updates.
A profile of smartphone users in the Philippines released by online pawnshop startup, PawnHero, in 2016 found that eight in 10 smartphone owners in the country were using Android.
As such, Kamluk encouraged smartphone owners to install a security solution on their devices to protect themselves from malware. "You cannot just rely on the vendor because the vendor does not have enough resources to push those updates."
According to the Kaspersky Security Network (KSN), 16,000 internet-borne malware infections were detected on computers that had Kaspersky Lab products installed on them in the Philippines from April to June this year. KSN processes depersonalised cybersecurity-related data from voluntary Kaspersky Lab product users.
Globally, the cybersecurity company recorded 1.33 million mobile application threats from January to March 2017. Browsers, Android, Microsoft Office, Java and Adobe Flash Player were the most exploited applications in the first quarter of the year.
For businesses with bring your own device (BYOD) policy, Stephan Neumeier, managing director of Kaspersky Lab in Asia Pacific, said the best defence against mobile malware is educating employees with company security policies when working online. "Educating people what to do [is the obvious first step as very often, it all comes down to the human factor.There are also a lot mobile security solutions today [that can help] protect [the devices]," he said.
In addition, every employee must be involved in their organisation's cybersecurity efforts. "Everyone needs to take care, follow specific rules, and have policies in place. Everyone needs to make sure that the environment, infrastructures and devices are protected," he asserted.
Moreover, Neumeier believes that cybersecurity awareness has improved among organisations compared to a decade ago where IT leaders struggled to inculcate cyber education and gain buy-ins from management. "Because of the recent incidents we had over the last few years, I think cybersecurity and cyberdefence are now on everyone's radar and priority lists -- it's not just on the CSO level anymore, it goes all the way up to the CEO," he explained.
Sign up for Computerworld eNewsletters.