The Threat Landscape in Asia & Oceania – Part 3: Malaysia and Singapore

In part 1 and part 2 of this series on the threat landscape in Asia and Oceania I focused on Vietnam, India, Korea and Japan.  In this third part of the series, I’m focusing on Malaysia and Singapore. 

I have visited both of these countries in the past to discuss threats in these locations with customers.  Both of these locations typically have malware infection rates (CCM) above the worldwide average.  This changed in the third (3Q11) and fourth (4Q11) quarters of 2011 as seen in figure 1.  Singapore’s CCM trended down below Malaysia’s in 3Q11 after being above it for all four of the previous quarters.

Figure 1: Computers cleaned per mille (CCM) for select locations in Asia and Oceania, with the worldwide average for the third (3Q11) and fourth (4Q11) quarters of 2011

Malaysia
The malware infection rate in Malaysia has been trending down over the past several quarters, though it remains above the worldwide average.

Figure 2: CCM infection trends in Malaysia and worldwide by quarter in 2011

Worms were significantly above the worldwide average in Malaysia in the second half of 2011.  Worms affected 39% of all computers cleaned there in 4Q11, up from 35% in 3Q11.  Five of the top ten threats in Malaysia in 4Q11 were worms including Win32/Autorun, Win32/Dorkbot, Win32/Conficker, Win32/Rimecud, and Win32/Nuqel.

Figure 3 (left): Malware and potentially unwanted software categories in Malaysia in 4Q11, by percentage of cleaned computers affected, totals can exceed 100 percent because some computers are affected by more than one kind of threat; Figure 4 (right): The top 10 malware and potentially unwanted software families in Malaysia in 4Q11

   

It is also noteworthy to see Win32/Sality, a sophisticated virus, in the top five threats in Malaysia.  Sality variants can steal cached passwords and log keystrokes entered on the affected computer. 

Figure 5: Phishing sites, malware hosting sites and drive-by download sites hosted in Malaysia in 4Q11 as published in the Microsoft Security Intelligence Report volume 12

Singapore
Singapore’s malware infection rate has trended down from being well above the worldwide average to being below it in the second half of 2011. Three of the top ten threats in Singapore are the same families of worms found in Malaysia.  Unlike Malaysia however, Win32/Sality is not among the top ten threats found in Singapore.

Figure 6 (left): CCM infection trends in Singapore and worldwide; Figure 7 (right): Malware and potentially unwanted software categories in Singapore in 4Q11, by percentage of cleaned computers affected, totals can exceed 100 percent because some computers are affected by more than one kind of threat

   

In Singapore in 4Q11 phishing sites and malware hosting sites were both above the worldwide average.

Figure 8 (left): The top 10 malware and potentially unwanted software families in Singapore in 4Q11; Figure 9 (right): Phishing sites, malware hosting sites and drive-by download sites hosted in Singapore in 4Q11 as published in the Microsoft Security Intelligence Report volume 12

 

 

I asked Freddy Tan, who is a Microsoft Cyber Security Strategist based in Singapore about what’s happening there.  Freddy told me the following:

The Singapore government recognizes that more investment is needed in technology and capabilities for the police services, from front-line applications to back-end forensics as an aid to deterring and solving crime and achieving prosecutions.  http://news.hostexploit.com/cyber-security-news/4905-cybercrime-a-key-concern-for-singapores-progressive-police-force.html

This included the setting up of Go Safe Online.

The local media has also be proactive in highlighting cyber security and cyber crime issues which have raised the awareness of digital users in safeguarding their systems from malicious software.

Autorun worms were the top threats found in both Malaysia and Singapore.  Autorun worms have risen to the top of the list of threats in many parts of the world, including Asia.  I have written about these threats before in an article called Defending Against Autorun Attacks.

In the final part of this series I will examine the threats found in Australia and New Zealand.

Tim Rains
Director
Trustworthy Computing

 

 

About the Author
Tim Rains

Director, Trustworthy Computing

Tim Rains has over 20 years of experience in the technology industry across several disciplines including engineering, consulting, and marketing communications roles. He currently manages security marketing and corporate communications in the Trustworthy Computing division at Microsoft. His expertise ranges Read more »