On-device, or local, threat’ incidents are caused by malware spread via removable USB drives, CDs and DVDs, or by files that initially made their way onto the computer in non-open form (for example, programmes in complex installers, encrypted files, etc.)
Companies in Southeast Asia encountered more than 24 million on-device threats in the first six months of 2024. From January to June this year, Kaspersky business solutions detected and blocked 24,289,901 threats of this kind
Overall, organisations in Vietnam and Indonesia experienced the most number of local threats’ incidents, logging 10,531,086 and 7,954,823 respectively. Thailand and Malaysia came behind them at third and fourth with 2,650,007 and 1,965,270. Singapore had the lowest number of on-device threats with 501,148 while the Philippines faced 687,567 cases.
The statistics are produced by Kaspersky security solutions scans of files on the hard drive at the moment they were created or accessed, as well as the results of scanning removable storage media.
“The increasing digitisation of financial systems, e-commerce, and other industries has increased the number of internet users and expanded the attack surface for cybercriminals. In addition to that, the lack of awareness of best practices and varying level of security protection also contributed to businesses facing high number of threats and attacks,” says Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.
“Protection against attacks coming from removable devices or non-open form files requires robust security solutions capable of treating infected objects and further enhanced with a firewall, anti-rootkit functionality and control over removable devices. Perform regular computer scan for viruses and malware to prevent spread,” Yeo adds.
For overall protection, Kaspersky recommends the following:
1. Always keep software updated on all the devices to prevent attackers from exploiting vulnerabilities and infiltrating organisation’s network.
2. Back up data regularly and ensuring they can be accessed quickly when needed or in an emergency.
3. Avoid downloading and installing pirated software or software from unknown sources.
4. Assess and audit your supply chain and managed services access to your environment. Kaspersky offers compromise assessment services.
5. Monitor access and activity by having visibility over the network to spot any unusual activity, and controlling user access to as-need, and as-required basis to minimise risks of unauthorised access and data leak.
6. Set up a security operation centre (SOC) using an SIEM (security information and event management) tool like Kaspersky Unified Monitoring and Analysis Platform, a unified console for monitoring and analysing information security incidents, and solutions such as Kaspersky Next XDR Expert, a robust cybersecurity solution that defends against sophisticated cyberthreats.
7. Use the latest Threat Intelligence information to have an in-depth visibility into cyberthreats targeting your organisation and provide your InfoSec professionals with the most comprehensive and up-to-date information regarding potential malicious actors and their TTPs.
8. Educate employees and improve their cybersecurity literacy through tools such as Kaspersky Automated Security Awareness Platform – Employees should be aware of the risks of cybersecurity threats and how to protect themselves and organisation from them.
9. If your company does not have a dedicated IT security function and only has generalist IT admins who may lack the specialist skills required for expert-level detection and response solutions, consider subscribing to a managed service such as Kaspersky MDR. This would instantly boost your security capabilities by an order of magnitude, while allowing you to focus on building in-house expertise.
10. For protection of very small businesses, use solutions intended to help you manage your cybersecurity even without having an IT administrator on board. Kaspersky Small Office Security provides you with hands-off security due to ‘install and forget’ protection and saves the budget which is crucial, particularly in the early stages of business development.