JEDDAH — Malware attacks in the Middle East, Turkey and Africa (META) surged in Q1 2019 to more than 150 million attacks in Q1 alone, representing an average of 1.6 million attacks per day, and an alarming 108% increase over Q1 2018, Kaspersky Lab revealed on the evolution of the digital threat landscape in the region.

With some of the highest mobile phone penetration rates in the world, it is no surprise that the META region also attracts a significant share of malware attacks targeted at mobiles. Mobile malware attacks in META in Q1 2019 numbered more than 368,000, an average of 4,098 per day, and a spike of 118% when compared to Q1 2018.

The META region also faced consistent attacks during Q1 2019 in areas such as:

• Crypto-mining Malware: 3.16m attacks; daily average of 35k; 146% increase over Q1 2018

• Phishing: 5.83m attacks; daily average of 64k; 334% increase over Q1 2018

• Ransomware: 193k attacks; daily average of 2.1k; 18% decrease over Q1 2018

“A drop in ransomware incidents is a great showcase of the security consciousness that is growing in the META region. At the same time, we have to realize that if there are less ransomware attacks, malicious attention is being diverted elsewhere. Personal and organization-facing financial threats seem to be growing unabated, and we are using Cyber Security Weekend as a platform to strengthen awareness of new and emerging areas of vulnerability”, said Amin Hasbini, Senior security Researcher, Global Research and Analysis Team at Kaspersky Lab.

Calling the continuing need for security awareness and education into clear relief, the Kaspersky Security Network cloud service statistics showed that an average of 27.3% of all users in the META region were affected by web threat incidents during Q1 2019. Saudi Arabia had the highest number of users (35.9%), while Namibia had the lowest (18.5%). Nearly half of all users (average 49.3%) in the META region have reported local threats (such as those spread in local networks, via USB/CD/DVD), with the highest concentration in Kenya (56.8%), and the lowest in South Africa (43.6%).

At a more granular level, Kaspersky Lab revealed the threats faced by individual countries within the META region. This ‘street-level’ view shows that the threat landscape is not always uniform, and that some countries tend to experience more of certain types of threats than others. For instance, the UAE, with a population of 9 million, has experienced 1.1 million instances of phishing and 23 million instances of malware. Even so, from a numbers standpoint, Turkey takes pole position for incidents of phishing (1.24m), malware (39m), and mobile malware (87k).

Kaspersky Lab’s CSW 2019 featured a panel discussion about cyber awareness and cyber education being the key element of building a sustainable protection for any organization – the human firewall. Baran Erdogan, Founder and CTO of Secure Computing, Turkey, who attended the event as an expert guest, commented: “Two major factors that are changing rapidly, significantly increase the need for cyber awareness.

The first factor is that the attack perimeters are evolving. In the past IT centric security was mainly taken into consideration since users had limited access to IT resources from less complex interfaces. But now corporate data is accessed from everywhere including mobile devices and cloud, and any company that is willing to grow and develop, should make these opportunities accessible as much as possible. Second factor is that attack vectors are getting more complex and user centric. Cybercriminals are focusing on employees since it is much easier to penetrate cyber defense measures from inside of a company by leveraging employees without necessary awareness level rather than from outside”.

Recently launched Kaspersky Automated Security Awareness Platform (KASAP), which was also showcased at the event, aims at helping companies of any size to address gaps in employees’ cybersecurity skills and knowledge, The online service aims to help companies boost the cyber-awareness of their employees enhancing training efficiency with micro learning, different lessons formats and continuous reinforcement. — SG