APAC clocked most malicious mobile apps in 2017
Asia-Pacific had to deal with the highest number of malicious mobile apps last year and also was the region most affected across multiple categories, including ransomware and online banking malware.
Some 3.3 million malicious mobile apps were detected in the region--five times more than EMEA, which was the next most effected region with 617,290 identified malicious apps.
Asia-Pacific also clocked the highest number of threats in ransomware, accounting for 40 percent of the global figure, according to Trend Micro's 2017 annual security roundup report. In addition, the region saw the highest number of exploit kit attacks, at 70 percent, and had the highest number of PCs infected by online banking malware, at 55 percent.
Last year, 553 data breaches were reported publicly, compared to 813 in 2016, noted Trend Micro's Asia, Middle East, and Africa managing director, Dhanya Thakkar. However, the number of affected records hit almost 5 billion, compared to 3.3 billion in 2016.
"Ransomware threats and exploit kits also decreased in 2017, signalling a shift away from spray-and-pray attacks, and towards smaller-scale, more effective, and more targeted attacks," Thakkar said.
Globally, there were 1.7 billion ransomware over the last two years, resulting in an estimated loss of US$5 billion. Asia-Pacific was hit by almost 40 percent of such attacks. Some 630 million threats were detected in 2017 alone, down from 1.07 billion the year before.
Trend Micro also pointed to "soaring rates" of cryptocurrency mining malware, which exceeded 100,000 in October last year. More than 45.6 million cryptocurrency mining activities were identified across the year, accounting for a large proportion of events detected on Internet of Things (IoT) devices.
The number of Business Email Compromise attempts also doubled between the first and second half of the year.
Singapore issues cautionary note on mobile banking
Meanwhile, Singapore's banking regulator and cybersecurity government agency issued a joint statement advising consumers to exercise caution when conducting mobile banking transactions.
"Cybercriminals are targeting mobile banking users to phish for their personal data, login credentials to online services, and credit card information. These threats come in different forms, such as the installation of malware on mobile devices, the sniffing of data over unsecured Wi-Fi networks, or phishing scams masquerading as official correspondence from financial institutions," they said.
The statement listed recommended steps consumers should take when banking on their mobile devices, which included accessing only trusted sources, avoiding unsecured Wi-Fi networks when banking online, and enabling two-factor authentication.