Malware attacks on IoT, Android devices in the country increase
By Arjay L. Balinbin
Reporter
ATTACKS on smart devices in the Philippines ballooned 192.24% in the first half, Kaspersky said.
The Philippines also placed third among Southeast Asian countries with the highest Android mobile malware (malicious software) attacks in the January to September period this year, maintaining its spot since 2017, according to the cybersecurity firm’s latest report released on Monday.
In an emailed reply to questions on Oct. 25, Kaspersky told BusinessWorld it detected 339 attacks on Internet of Things (IoT) devices in the Philippines like routers or DVR security cameras in the first six months of the year.
The latest figure is 192.24% higher than the 116 attacks detected in the first half of 2018.
“The increase was mainly due to an increase in the overall pool of honeypot IP addresses,” Kaspersky added.
In its latest “IoT: a malware story” report, Kaspersky said it detected 105 million attacks on smart devices worldwide. Such attacks came from 276,000 unique IP addresses, around nine times higher than the 12 million attacks recorded in the first six months of 2018.
The detection was carried out through the use of the honeypot technology.
Honeypots, according Kaspersky, are decoy devices “used to attract the attention of cybercriminals and analyze their activities.”
The internet security firm noted that cybercriminals have been capitalizing on “weak security” of IoT products.
“Cybercriminals are intensifying their attempts to create and monetize IoT botnets,” it added.
Kaspersky said despite the increase in the number of organizations and people who buy smart devices like routers or DVR security cameras, not many of them consider such devices worth protecting.
“Cybercriminals, however, are seeing more and more financial opportunities in exploiting such gadgets. They use networks of infected smart devices to conduct DDoS attacks or as a proxy for other types of malicious actions,” it added.
Top sources of infections during the said period are China, with 30% of all cyberattacks taking place from this country, second is Brazil with 19%, followed by Egypt with 12%, Kaspersky said.
During the first half of 2018, 28% of infections detected came from Brazil, 14% from China, and 11% from Japan.
For users to keep their devices protected from such attacks, Kaspersky said they may install updates for the firmware they use as soon as possible; constantly change and use complicated passwords; and keep the access to smart devices restricted by a local VPN, among others.
ANDROID MOBILE MALWARE
Kaspersky also detected 134,556 malware attempts in the Philippines from January to September this year, placing third in the region. The country has maintained its spot since 2017 when 519,119 attempts were recorded followed by 280,248 last year. The internet security firm said the country is next to list-toppers Indonesia and Malaysia, respectively.
Android mobile users who use banking and shopping apps are at high risk as 98% of malware designed for the Android operating system, Kaspersky said, adding that banking and ransomware Trojans are the top malware detected in the ASEAN region.
“Banking Trojans steal money from mobile users’ bank accounts that are linked to their bank cards and apps. These malware are popular with hackers because they provide a direct route into other people’s accounts,” it said.
Filipinos have also been targets of the Hiddapp mobile malware, which uses advertising as a monetization method.
This kind of malware “secretly downloads ads on to the infected device, displaying as many ads as possible to the Android device user. These Trojans can hide in the system folder which makes them difficult to remove. If the user detects the adware app, the Trojan will prevent the app from being deleted and instead re-install it at the first opportunity,” Kaspersky said.
Such attacks can be avoided if users download apps only from official stores like Google Play.
“It won’t provide a full security guarantee, but the risk of encountering a Trojan will be considerably lower. Apps from third party marketplaces are exactly where hackers plant their malware-ridden apps,” Kaspersky said.
Gloss