Thailand still ranks among the countries most vulnerable to malware


Thailand has been ranked among the top 10 Asian countries most at risk from malware and other cybersecurity threats, according to Microsoft Asia.

Microsoft’s latest Global Security Intelligence Report found that Thailand had an average malware encounter rate of 20 percent in the first quarter of 2017, almost double 9 percent global average.

The report ranked Thailand 9th out of 21 Asia-Pacific markets.

The report gives analysis on cybersecurity threats around the world, focussing on exploits, malware, web based attacks and software vulnerabilities. This latest version of the report also detailed attacks on cloud storage.

The report found that Bangladesh, Pakistan, Cambodia, Indonesia and Mongolia were the countries most at risk from malware.


Countries with more mature IT infrastructure, such as Hong Kong, Singapore, Australia, New Zealand and Japan were the countries least vulnerable to cybersecurity threats.

Microsoft says that in Bangladesh, Pakistan, Cambodia and Indonesia a staggering one in four computers running Microsoft security products reported malware attacks between January and March of this year.

“Driven by the proliferation of endpoints and the ubiquitous computing power of the cloud, the opportunity for digital transformation to make broad and profound impacts on society has never been greater,” said Keshav Dhakad, assistant general counsel & regional director, Digital Crimes Unit (DCU), Microsoft Asia.

“However, for digitalisation to reach its fullest potential, users must first trust the technology they use. Microsoft is committed to helping our customers and partners build that trust and the first step is to help them understand the multitude of cyber threats out there so that they can implement more effective ways to manage and neutralise these risks.”

The report also found a significant rise in ransomware which was driven by high profile attacks such as WannaCrypt and Petya which exploited vulnerabilities in outdated versions of Windows.

The report also said that as organisations increasingly use the cloud to store data, cloud storage is increasingly being targeted by cybercriminals. The report found that cloud storage services had seen a 300 percent increase in attacks globally in the first quarter of 2017.

Microsoft also said that login attempts from malicious IP addresses increased 44 percent compared to the same period last year.

“In today’s digital age, security cannot be an afterthought. It must be ‘built-in’, all-inclusive and intelligent. The comprehensive threat intelligence that we provide with our SIR as well as advanced security solutions and best IT hygiene practices will all play a critical role in integrating cybersecurity into an organisation’s DNA,” said Keshav.

“By making security a top priority, we can build greater trust in technology and enable digital transformation to reach its fullest potential and fulfil its grandest ambitions.”

How to keep your PC free from malware

Microsoft recommends the following best practices in order to reduce the chances of your PC being infected with malware:

Do not work in public Wi-Fi hotspots where attackers can eavesdrop on digital communications, capture logins and passwords, and access personal data.

Regularly update the operating system and other software programs to ensure the latest patches are installed. This reduces the risk of vulnerability exploitation. Users should also install the most recent release of Windows 10 to take advantage of its improved security capabilities.

Reduce risk of credential compromise by educating users on why they should avoid simple passwords and enforcing multi-factor authentication methods. For example, the Azure Multi-Factor Authentication (MFA) provides organisations with a two-step verification solution that helps safeguard access to data and applications while meeting users’ demand for a simple sign-in process by delivering strong authentication via a range of easy verification options.

Enforce security policies that control access to sensitive data and limit corporate network access to appropriate users, locations, devices, and operating systems. For example, Microsoft Azure Active Directory Identity Protection enables enterprises to configure risk-based policies to automatically protect identities across their organisation. These policies can automatically block users without proper authorisation or offer suggestions that include password resets and multi-factor authentication enforcement.


Comments are closed.