India registered 7th highest malware encounter rate at 5.89 per cent in the past year across the 15 markets (Asia Pacific), the Microsoft Security Endpoint Threat Report 2019 suggests. This was 1.1 times higher than the regional average as cybercriminals continued to capitalise on the lower level of cyber awareness, high usage of unlicenced or pirated software, and sites that illegitimately offer free software or content.
"As security defences evolve and attackers rely on new techniques, Microsoft's unique access to billions of threat signals every day enables us to gather data and insights to inform our response to cyberattacks. The Microsoft Security Endpoint Threat report aims to create a better understanding of the evolving threat landscape and help organisations improve their cybersecurity posture by mitigating the effects of increasingly sophisticated attacks," says Mary Jo Schrade, Assistant General Counsel, Microsoft Digital Crimes Unit, Microsoft Asia.
In addition to the malware attacks, India recorded the second-highest cryptocurrency mining encounter rate at 0.23 per cent, which was 4.6 times higher than the regional and global average. These are the malware introduced into an unsuspecting user or organisation's machine(s), which then uses the machine's computing power to mine cryptocurrency.
The report also highlighted drive-by download attack, which is the unintentional download of malicious code to a device when the user visits a website, aimed at exploiting vulnerabilities in web browsers, applications, or even the operating system.
Cybercriminals remained focused on stealing financial information or intellectual property, which resulted in India, along with Hong Kong and Singapore, recording an increase in attack volume, over three times the regional and global average.
"While overall cyber hygiene in India has improved, we believe there is more to be done. Typically, high malware encounters are a result of excessive usage of unlicenced and/or pirated software, and the proliferation of sites that illegitimately offer free software or content, such as video streaming. Consumer education is important - users should regularly patch and update programs and devices and be able to identify unsafe websites and illegitimate software," says Keshav Dhakad, Group Head & Assistant General Counsel - Corporate, External & Legal Affairs, Microsoft India.
Even the COVID-19 themed attacks are on the rise. Of the millions of targeted phishing messages seen globally each day, roughly 60,000 include COVID-19 related malicious attachments or URLs. Attackers are impersonating established entities like the World Health Organisation (WHO), the Centers for Disease Control and Prevention (CDC), and the Department of Health to get into inboxes. Since the outbreak, Microsoft Intelligence Protection team's data has shown that every country in the world has seen at least one COVID-19 themed attack, and the volume of successful attacks in outbreak-hit countries seems to be increasing, as fear and the desire for information grows.