Australia in top five ransomware victims but fares relatively well on malware

Australians were the fifth most-frequent victims of ransomware schemes over the past year but stayed out of the top 20 most at-risk countries for Web-based malware infections overall, according to new figures from security firm Kaspersky Labs.

Only the US, UK, India and Canada had more incidents of the Cryptolocker ransomware than Australia, according to Kaspersky Labs' Kaspersky Security Bulletin 2013 annual wrap-up of security detection figures.

Cryptolocker has proved to be a particularly stubborn example of ransomware, with one US police department forced to pay the ransom, victims hit for a second time after paying the ransom, and others offering advice about how to avoid it.

CryptoLocker is likely to serve as inspiration for copycat cyber-criminals in 2014, security firm WatchGuard Technologies has warned, noting that “it has affected millions and it is suspected that the authors have made a high return in their criminal investment” and that companies should “plan for a surge of ransomware” next year.

The list of countries most at risk of malware infection – based on detection figures returned by users of the company's security tools in each country – was topped by Azerbaijan, in which 56.29% of unique Kaspersky Labs users were flagged as having suffered an infection.

Kazakhstan (55.62%), Armenia (54.92%), Russia (54.50%), Tajikistan (53.54%), Vietnam (50.34%), Moldova (47.20%), Belarus (47.08%), Ukraine (45.66%) and Kyrgyzstan (44.04%) rounded out the top ten most-affected countries, although the 15-strong size of the cohort in what Kaspersky classed as the 'high risk' category had more than halved since 2012, when it included 31 different countries.

Australia was classified as being at moderate risk of malware infection, with the detection rate of 38.9% putting it just behind Italy (39.6%) and ahead of the USA (38.1%), Poland (37.6%), the UK (36.7%), Brazil (34.6%), China (32.2%), Japan (25.3%) and others.

Five specific malware attacks were detected on more than 10 percent of user computers, with the DangerousObject.Multi.Generic category found by 39.1% of individual users and Trojan.Win32.Generic close behind with 38.0%.

More specific common attacks included Trojan.Win32.AutoRun.gen (20.1%), Virus.Win32.Sality.gen (13.4%), and Exploit.Win32.CVE-2010-2568.gen (10.6%).

Australia also ranked well on Kaspersky's metrics of local infections – which measures the rate of computer infection based on scans of computers, USB flash drives, camera and phone memory cards, and external hard drives.

Vietnam dominated that list with a 68.14% infection rate, with Bangladesh (64.93%), Nepal (62.39%), Mongolia (60.18%), and India (59.26%) rounding out the top five. The predominance of such countries reflected the relatively immature state of network infrastructure in those countries, where USB drives and other widely-shared media prove to be ready conduits for malware infections.

Australia was one of just nine countries with a low local infection rate, sitting between 24% and 33%. By comparison, the lowest infection rates were found in Denmark (14.74%), the Czech Republic (15.58%), Finland (15.93%), Cuba (17.18%), and Japan (18.93%).

Join the CSO newsletter!

Error: Please check your email address.

Tags Cryptolockerkasperskyransomwaremalware

More about KasperskyWatchguardWatchguard Technologies

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place