Mobile malware growing within Asean

As the pandemic continues to grip Southeast Asia, more workers are expected to set up remote office environments, if not continue to work virtually. This keeps people safer physically, but can also leave their employers more vulnerable.

The cybersecurity firm Kaspersky detected and blocked 382,578 mobile attacks against users in Southeast Asia during the first half of 2021, a 14% increase from the same period last year.

Even though Bring Your Own Device (BYOD) has been a trend since before the pandemic, its use has increased exponentially since 2020 as companies adapted their IT infrastructure for business continuity. This, in turn, gave employees a bigger role — for better or worse — in a company’s network security.

A survey done by Kaspersky last year revealed that a little more than two-thirds of respondents are using a personal device to work from home. Some are also using work devices for personal activities such as watching video and educational content, reading news or playing video games.

Most interestingly, 33% of the 6,017 employees surveyed worldwide last year admitted to using their office devices to watch adult content, a type of content that is often targeted by cybercriminals.

“Laptops are the main workhorse but mobile devices have also been used to access office emails and work-related systems even before the pandemic,” said Yeo Siang Tiong, general manager for Southeast Asia with Kaspersky.

“Companies should revisit their policies, access rights and security set-up to block cybercriminals from entering their enterprise network through infected smartphones.”

The first three months of 2021 set a record with 205,995 detected incidents of mobile malware attacks in Southeast Asia.

While mobile malware hasn’t quite caught up to its PC counterpart in terms of volume or complexity, experts are seeing more mobile-specific malware designed to prey on smartphone features or tablet vulnerabilities.

Mobile malware can steal an individual’s personal data and also be a launchpad for a targeted attack against a user’s employer.

Since 2020, Kaspersky has been monitoring and blocking at least 100,000 mobile malware attacks in Southeast Asia per quarter. The first three months of 2021 set a record with 205,995 detected incidents.

Indonesia logged the highest number of foiled mobile attacks from January 2020 to June 2021, followed by Malaysia and Thailand. Indonesia was also third worldwide in mobile malware detected in the second quarter of this year, behind Russia and Ukraine.

In terms of the percentage of users attacked by mobile malware, 4.42% users in Malaysia were targeted during the first half of this year, followed by Thailand (4.26%) and Indonesia (2.95%).

The three most common mobile threats in Southeast Asia include:

– Trojans: Malicious programs that perform actions that are not authorised by the user. They delete, block, modify or copy data, and disrupt the performance of computers or computer networks.

– Trojan-downloader: Downloads and installs new versions of malicious programs, including trojans and adware on victims’ computers. Once downloaded, the programs are launched or included on a list of programs that will run automatically when the operating system boots up.

– Trojan-dropper: Programs de- signed to secretly install malicious programs built into their code to victims’ computers. A range of files are saved to the victim’s drive, and launched without any notification (or with fake notification of an archive error, an outdated operating system version, etc).

“BYOD is here to stay and companies should take steps to beef up their defences,” said Mr Yeo. “It is important to train employees regularly, keep them informed about the latest threats online, and provide them with tools such as encrypted devices, endpoint protections and VPN. Most importantly, build a culture of trust and shared responsibility towards enterprise security.”

Kaspersky experts suggest the following tips for enterprises to better protect their networks and devices against cybercriminals:

– Ensure your employees have all they need to securely work from home and know who to contact if they face an IT or security issue.

– Schedule basic security awareness training for your employees. This can be done online and cover essential practices, such as account and password management, email security, endpoint security and web browsing.

– Take key data protection measures including switching on password protection, encrypting work devices and ensuring data is backed up.

– Ensure devices, software, applications and services are kept updated with the latest patches.

– Install proven protection software on all endpoints, including mobile devices, and switch on firewalls.

– Double-check the protection available on mobile devices. For example, it should enable anti-theft capabilities such as remote device location, locking and wiping of data, screen locking, passwords and biometric security features like Face ID or Touch ID, as well as enable application controls to ensure only approved applications are used by employees.

Kaspersky also offers the following recommendations for consumers and workers during their time at home:

– Ensure your router supports and works smoothly when transmitting WiFi to several devices simultaneously, even when multiple workers are online and there is heavy traffic (as is the case when using video conferencing).

– Regularly update your router to avoid potential security issues.

– Set up strong passwords for your router and WiFi network.

– If you can, only do work on devices provided by your employer. Putting corporate information on your personal devices could lead to potential security and confidentiality issues.

– Follow the rules of cyberhygiene: Use strong passwords for all accounts, do not open suspicious links from emails and IMs, never install software from third-party makers, be alert and use a reliable security solution.