APAC's public sector, FSI prime targets for cybercriminals

Anuradha Shukla

Credit: Thinkstock

The public sector, financial services and technology sectors are the top 3 industries for cyberattacks in the Asia Pacific (APAC) region, according to McAfee Labs September 2017 Threats Report.

Globally, McAfee Labs counted 311 publicly disclosed security incidents in the second quarter (Q2), an increase of 3 percent over Q1. More than three-quarters (78 percent) of all publicly disclosed security incidents in Q2 took place in the Americas.

The health, public, and education sectors comprised over 50 percent of total incidents in 2016-2017 around the world.

The report also revealed that account hijacking led disclosed attack vectors, followed by denial of distribution of service (DDoS), leaks, targeted attacks, malware and SQL injections.

Besides that, new malware samples were found to have increased in Q2 to 52 million, a 67 percent increase. This increase in new malware is in part due to a significant increase in malware installers and the Faceliker Trojan. The Faceliker is a malware that infects Facebook account and makes a person like and promote certain apps and articles without the user's knowledge.

"Faceliker leverages and manipulates the social media and app based communications we increasingly use today," explained Vincent Weafer, vice president for McAfee Labs. "By making apps or news articles appear more popular, accepted and legitimate among friends, unknown actors can covertly influence the way we perceive value and even truth. As long as there is profit in such efforts, we should expect to see more such schemes in the future."

Overall, the total number of malware samples grew 23 percent in the past four quarters to almost 723 million samples.

The report also talked about the WannaCry and NotPetya attacks.  "It has been claimed that these ransomware campaigns were unsuccessful due to the amount of money made," said Raj Samani, chief scientist for McAfee. "However, it is just as likely that the motivation of WannaCry and NotPetya was not to make money but something else. If the motive was disruption then both campaigns were incredibly effective.  We now live in a world in which the motive behind ransomware includes more than simply making money, welcome to the world of pseudo-ransomware."

To help cybersecurity professionals better protect their organisations, McAfee advised them to know their enemy, know their network and know their tools. 

 "One underlying assumption is that, at every moment, there is at least one compromised system on the network, an attack that has managed to evade the organization's preventive security measures," said Ismael Valenzuela, principal engineer, Threat Hunting and Security Analytics at McAfee. "Threat hunters must quickly find artifacts or evidence that could indicate the presence of an adversary in the network, helping to contain and eliminate an attack before it raises an alarm or results in a data breach."