Malaysians need to increase security awareness
Computerworld (13 May 2011)

Microsoft and CyberSecurity Malaysia discuss SIR v10

KUALA LUMPUR 13 MAY 2011 - Malaysian government security agency CyberSecurity Malaysia says Malaysians need to become even more security-conscious during the release of software giant Microsoft's latest Security Intelligence Report.

"Microsoft Security Intelligence Report (SIR) volume 10 shows that there has been a polarisation in cyber criminal behaviour and that marketing techniques are being used to target consumers," said CyberSecurity Malaysia chief executive officer, Lt. Col. Dato' Husin Hj Jazri (Retired).

Husin said that apart from malicious and potentially unwanted software, Malaysian Internet users also face other forms of threats due to the low awareness surrounding the issue. "The level of awareness among Malaysian Internet users on safety issues in cyberspace needs to be intensified, now more than ever, to keep up with the rapidly growing number of citizens. Currently there are 17 million Internet users in Malaysia."

During the release of the report in Kuala Lumpur, Microsoft Malware Protection Centre (MMPC) general manager Vinny Gullotto said the study indicated a divergence in cyber criminal behaviour. "On one side, highly sophisticated criminals skilled at creating exploits and informed with intelligence about a target's environment, pursue high-value targets with large payoffs. On the other side, there are cyber criminals using more accessible attack methods, including social engineering tactics and leveraging exploits created by the more skilled criminals, to take a small amount of money from a large number of people. These attack methods include the use of rogue security software, phishing using social networking as the lure, and adware, all of which have increased in prevalence in 2010."

Gullotto said that attackers continued to incorporate social lures that appear to be legitimate marketing campaigns and product promotions. "Six of the top 10 most prevalent malware families in the second half of 2010 fall into these categories of attack methods. Criminals using these malware families make money through tricking users with pay-per-click schemes, false advertisements, or fake security software for sale. Additionally, the report highlights an increase of more than 1,200 per cent in phishing using social networking as the lure, as these venues have become lucrative hot beds for criminal activity."

The Microsoft Security Intelligence Report (SIR) focuses on 2010 with new information for the period of July to December and gathers analysis of data from more than 600 million systems worldwide.

More work to do

Gullotto said phishing via social networking has increased from a low of 8.3 per cent of all phishing in January to a high of 84.5 per cent in December 2010. "The popularity of social networking sites has created new opportunities for cyber criminals to not only lure unsuspecting users, but also friends, colleagues and family through impersonation. These methods add to an existing list of social engineering techniques, such as financial and product promotions through e-mail and instant messenger, to extort money or trick users into downloading malicious content."

"The Security Intelligence Report also shows that worldwide detections of adware increased 70 per cent from the second quarter to the fourth quarter of 2010," he said. "The detection of a new pair of adware families, JS/Pornpop and Win32/ClickPotato, between July and September 2010 contributed significantly to this increase. ClickPotato is a programme that displays pop-up and notification-style advertisements, based on the users' browsing habits, and Pornpop is an adware family that attempts to display pop-under advertisements in users' Web browsers that usually contain adult content."

"With more consumers and devices coming online every day, cyber criminals now have more opportunities than before to deceive users through attack methods like adware, phishing and rogue security software," said analyst firm Ovum's principal analyst, Graham Titterington. "It's becoming increasingly difficult for consumers to decipher legitimate communications and promotions given the sophistication of tools criminals are using, so it's more important than ever to provide information and guidance about these online threats to increase protections and awareness."

"The software industry led by Microsoft has significantly improved customer protections and guidance for some time now," said Microsoft's Gullotto. "These efforts are making a difference but there is more work to do. We continue to see cyber criminals evolve attack methods such as a significant rise in social network phishing."

Malaysia's Worms

"In Malaysia, the most common category in the fourth quarter of 2010 was Worms, which affected 35.8 per cent of all infected computers, down from 41.4 per cent in the third quarter of 2010," said Gullotto. "This was closely followed by Misc. Potentially Unwanted Software, which affected 27.5 per cent of all infected computers, an increase from 25.4 per cent in the third quarter of 2010. The third most common category in Malaysia in the fourth quarter of 2010 was Misc. Trojans, which affected 24.7 per cent of all infected computers, up from 23.0 per cent in the third quarter, 2010."

"While criminals work to evolve their attack methods, Microsoft and the industry will continue to collaborate with partners and customers to improve security and privacy and increase awareness," he said. "A combined effort helps to protect the broader online community from the threats propagating today and develop more secure software solutions to prevent criminals from reaping the benefits."

CyberSecurity Malaysia's Husin added that in the first quarter of 2011, Cyber999 Security Incident Help Centre handled 3563 incidents and 36 per cent of those (or 1273 incidents) are related to online fraud. "While the numbers are worrying, we are also happy to see that members of the public are notifying us when they come across a fraudulent website or e-mails. CyberSecurity Malaysia is also dealing with issues like phishing sites proactively by releasing a browser plug-in called 'DontPhishme' for Internet users. Once installed, this security plug-in allows automatic detection of fake banking sites and educates the public about the danger of identity theft."