Study: HK has less malware infections but more phishing sites than global average

Microsoft last week released the Microsoft Security Intelligence Report volume 14 (SIRv14), an biannual report includes data from the second half of 2012 and contains threat intelligence from over a billion computers worldwide.

According to Microsoft, the Malicious Software Removal Tool (MSRT) detected malware on 2.2 of every 1,000 computers scanned in Hong Kong in the Q4 2012, compared to the worldwide average of 6.0. The study also found 6.23 phishing sites per 1,000 hosts in Hong Kong, up from 6.01 in the third quarter of 2012, which is also higher than the worldwide average of 5.10

Concerning antivirus, the study shows 2.5 out of 10 computers on average do not use up-to-date Antivirus. Without this vital protection layer, computers are 5.5 times more likely to be infected with malware, the report shows.

"People intuitively understand the importance of locking their front door to prevent their homes from being broken into. Computer security is no different. Surfing the internet without an up-to-date Antivirus is like leaving your front door open to criminals," said Tim Rains, director, Microsoft Trustworthy Computing. With the release of this new research, Microsoft is urging people to make sure they have up-to-date Antivirus installed on their computers."

"Regardless of whether you use a free or paid for solution, the importance of Antivirus cannot be overstated," Rains added. "By taking the proper measures to protect your computer, including the most basic step of installing Antivirus, people can dramatically reduce their risk of becoming a victim."

In an interview with Asia Cloud Forum, Rains explains whether enterprises can guard themselves against these cyber threats with cloud adoption, and whether a computer can still be compromised by using public cloud services.

Asia Cloud Forum (ACF): Is cloud adoption a sure way to guard enterprises against the cyber threats described in SIRv14?

Tim Rains (TR): There are two parts of the cloud. There is the data center, and there are also clients that are being used to access the cloud. If the clients are compromised by malware identified in the SIRv14 report, the data might be [still be] safe from the data center, but now it's being accessed by clients that are compromised.

Often times I call that the forgotten part of cloud security. Because people are very focused on the data center security, but they should be equally focused on the client side [to guard against various cyber threats.]

ACF: Can my computer be still compromised by malware if I use a public cloud service hosted in a third-party facility?

TR: If you are using your laptop, for example, to access any cloud-based service, if there is malware on that system, then there are a lot of malware that you can keystroke log in, which watches as you key in. Certain malware actually does screen scripting, which enables it to see what's on your screen. These malware can also enable your microphone and your camera in order to get all sorts of information. And so, one of the key things that [cloud service] customers have to do, is to figure out which content or what data is appropriate to store on the cloud, and what they have to store locally.

By going through this data classification process, a cloud service user can understand the value of data and decide: Is it appropriate to put it in the cloud? Or do I need to store it locally in my own infrastructure? It is critical to go through such data classification process to understand what the risk is by moving data to the cloud.

ACF: What has Microsoft done to enhance the security of its cloud services?

TR: For a lot of enterprise customers that want, or are considering cloud computing, what they want to know is the cloud service that they are considering is operating in the way that is consistent with how they operate their own infrastructure.

For customers that have compliance obligations, if they don't keep those obligations then they can get shut down by the government. And so when they consider cloud computing, they face this new paradigm, where most of the security controls are out of their control. And this is obviously an uncomfortable feeling.

[As part of the Cloud Security Alliance,] what we are trying to do is to give organizations enough transparency into how we [Microsoft and other partners belonging to the Cloud Security Alliance] do security controls, and define security standards for cloud computing. In this way, we provide enough transparency to customers, so they can understand how our services are being operated.

[Enterprises are also concerned about] industry standards -- one of them being ISO27001, an industry standard for security management. What we've done at the Cloud Security Alliance, is come up with a list of controls that are based on ISO27001 -- an industry standard that a lot of customers know really well.

Then Microsoft tries to provide enough insight into how we manage those controls that they can understand how we are managing our cloud services. And that level of transparency, really helps them feel comfortable with the cloud, knowing that it is being operated responsibly, and on a standards-based way, and knowing that it is aligned with how they want their data and applications managed.

Join the CSO newsletter!

Error: Please check your email address.

Tags Microsoftsecurityscamsmalware

More about Microsoft

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Carol Ko

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place