Cyberspace sweepers detect threats in PH

Cyberspace sweepers now detect more viruses than before, as the internet evolves into a network of human devices that can be wielded by those with malicious intent.

Global cybersecurity company Kaspersky Lab, which sweeps the internet for any new threat, says numerous malicious activities are detected even in developing nations such as the Philippines, as cyber criminals work beyond national borders.

“Cyber criminals are constantly trying to find ways to compromise, hack or perform malicious activities,” Kaspersky Lab corporate communications manager for Southeast Asia Sanjeev Nair says over dinner at a restaurant in Makati City.

Cyber criminals now have the power to control devices connected to the internet, from car engines to coffee machines, says Kaspersky Lab territory channel manager for Singapore and the Philippines Anthony Chua.

This becomes possible with the rise of internet of things, which refers to the network of physical objects with connectivity features.

“Even kitchen devices or appliances, refrigerators, aircons, all these are now computerized.  They become smart devices.  There were instances when they hacked into a coffee machine. Yes, they can do that,” he says.

“Basically, everything is now connected to the [internet] router around the house and you can control mobile phones, laptops, devices,” says Chua.

Nair says Kaspersky Lab tries to be one step ahead.  “We always innovate, look at other angles. For example, we did research on connected cars.  One of the hackers managed to hack into a jeep vehicle. It managed to shut off the engine while the car was moving along the highway, remotely.  We are looking into that, we are looking into other things. We are looking at internet of things,” he says.

Kaspersky Lab, which was founded in Moscow, Russia in 1997, provides security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. It has 270,000 corporate clients globally. 

“The company is growing. We have 3,300 highly qualified specialists operating in almost 200 countries and territories around the world,” says Chua.

One of the threats detected in the Philippines is xDedic marketplace for compromised servers, according to Nair.  “In the past two months, we have discovered threats, one of which is online market-based forum selling compromised servers or xDedic to cyber criminals. Basically, you are able to buy and sell compromised servers.  People can use it for a lot of things, for example money laundering.  You can use servers to hack or perform malicious attacks,” says Nair.

Chua says the threat was detected not only in the Philippines, but also in 172 other territories and involving more than 70,000 servers.  The Philippines ranked No. 48 in the list.

Kaspersky Lab researchers discovered that cyber criminals can buy and sell access to compromised servers for as low as $6 each. The xDedic marketplace, which appears to be run by a Russian-speaking group, currently lists 70,624 hacked remote desktop protocol servers for sale, it says.

The Philippines is among the top 50 countries with hacked servers listed in xDedic.  The servers’ legitimate owners, reputable organizations including government networks, corporations and universities are often unaware that their IT infrastructure has been compromised, according to Kaspersky Lab. 

Chua says in the Philippines, there were people and companies that became victims of these attacks.  “We cannot disclose the victims. But there were, and there were attempts,” he says.

Nair says cybersecurity is a growing industry, as more people buy smartphones with internet access and conduct financial transactions online.  “We have seen spikes in iOS platform. We have seen spikes in Androids and other platforms,” he says.

Smartphones can be compromised when charged using a standard USB connection connected to a computer, Kaspersky Lab experts say.

The company’s experts tested a number of smartphones running various versions of Android and iOS operating systems in order to understand what data the device transfers externally while connected to a PC or Mac for charging. The test results indicate that the mobiles reveal a whole litany of data to the computer during the ‘handshake’ including the device name, device manufacturer, device type, serial number, firmware information, operating system information, file system/file list and electronic chip ID.

A global study by Kaspersky Lab also shows that cyberattack tools used against businesses in 2015 were different to those used against consumers.  They included greater exploitation of legitimate software programs and malware being signed with valid digital signatures to keep malicious files hidden for longer. 

Kaspersky Lab’s experts also observe a steady rise in the number of corporate users attacked by ransomware.   In 2015, about 58 percent of corporate PCs were hit with at least one attempted malware infection, up three percentage points in 2014.  

One in three or 29 percent of business computers were exposed at least once to an Internet-based attack, with the exploitation of standard office applications seen three times as often as in consumer attacks.   

About 41 percent of business computers faced local threats, such as from infected USB sticks or other compromised removable media.  

Nair says this is why Kaspersky Lab increases its presence in the Philippines.  “We are growing year by year in the Philippines.  On the estimate in 2015, we are doing about $1.5 million.  We are looking at a higher level in 2016,” he says.

Meanwhile, another study by Kaspersky Lab shows that paranoid users are turning to a multitude of methods to keep their personal data away from prying eyes in the online world, including hiding their computers.

The research shows 20 percent admit that they cover up their webcam, in an attempt to protect their privacy. 

“Useful in itself, it’s important to recognize that covering a webcam cannot prevent audio interception and protect users from being listened to by hackers or malicious groups,” the study says.

The research also says 28 percent of internet users store their sensitive data on devices that have no Internet access, mistakenly thinking that this will guarantee the protection of their data. 

Another 18 percent of those surveyed admitted that they try to avoid using popular websites like Google and Facebook because of the personal information they gather, despite the fact that it is normal practice for almost all websites to track users and collect some user data today. 

Moreover, 8 percent of paranoid respondents admitted to hiding their computers from other people, even though this will not help protect them from Internet threats. 

Nair says Kaspersky Lab provides solutions for consumers and enterprises.  “Business is set to grow tremendously over the the next year. That’s the reason why we are here,” he says.  “Ideally, everybody requires our services.  We talk about cybersecurity.  It is not something that one company needs, and the others don’t.  It does not work that way.”

The Philippines became a battleground against cyber criminals, when a syndicate illegally transferred $81 million from Bangladesh Bank to Rizal Commercial Banking Corp. early this year.  

Nair says small businesses can lose hundreds to thousands to cyber criminals.  “If you are a big business, the cost can be in millions.  It depends on how you quantify cost as well,” he says.

He says losses can be more than monetary.  “You can lose precious data, privacy, credentials, contact numbers which are valuable as well.   The biggest cost to any organization when it comes to these incidents is the reputation. One you lose the reputation, it will be very difficult to build it back,” he says.

Nair says this is why Kaspersky Lab continues to research on latest developments.  “For computers, mobiles phones, servers and corporate networks, we have solutions for that.  We are also researching into all kinds of devices or internet of things.  Apart from looking at that, we are also looking at human bio-hacking and chip implants.  Our research team is all over the world.  We have 43 researchers who are constantly researching on these things,” he says.