PHL now 2nd country with most web threats


THE Philippines ranked second in the world with the most web threats in 2022, according to global cybersecurity firm Kaspersky, reflecting how cybercriminals were “relentless and persistent” in targeting Filipino organizations last year. 

According to the Kaspersky Security Network (KSN) Report for 2022, Kaspersky users in the Philippines received “repeated attacks” from threats through removable devices and affected web sites in 2022 versus the year prior. 

This made the Philippines go two notches up in the list of the most attacked countries last year, next to Mongolia, and followed by Ukraine, Greece, and Belarus. The ranking is based on the number of web-based cyberthreats detected and blocked by Kaspersky products. 

A single device can frequently be targeted by cybercriminals and subjected to multiple attacks, the report noted. 

“I would always insist for any business that’s new, or qualifies as a small and medium enterprise, to have basic protection from the get-go. Secure the endpoint and then have encryption in place. As you expand, spending on the business and security should be in lockstep. It’s pointless to build a business that is not protected because once you’re compromised, it is costly to repair the damage. At the very least, it could look like losing opportunities for your business because of lost customer trust,” said Chris Connell, Managing Director for Asia Pacific at Kaspersky.

In terms of vulnerabilities and attacks through removable devices such as USB sticks, the Philippines placed 72nd in the world, reaching 25.06 million malware attacks last year. 

Worms and file viruses accounted for the majority of such incidents that were detected and blocked by Kaspersky products in devices of its Filipino customers. 

Likewise, cybercriminals tried to penetrate systems through attacks via browsers. 

Detected and foiled incidents by Kaspersky plunged from 50.54 million to 39.39 million. Drive-by downloads and social engineering are the “favorite attack methods used by cyber

attackers to spread malware on their victims.”

The KSN report explained that a drive-by download attack is when a user visits a website and unintentionally downloads a malicious code; while a social engineering attack is when a user downloads malware but was made to believe it’s a legitimate program. If a company employee connects to an unsecured WiFi network or visits a non-work related website, such actions could result in disastrous and costly damage to company data. 

“In the Philippines, businesses continue to flourish despite the challenges. We have seen how adversity, such as the pandemic, hastened the digital transformation among local businesses and customers alike. In the same vein, cybercriminals saw it as an opportunity to take advantage of the cybersecurity weaknesses of those jumping on the digital wave. As the country moves towards sustaining its recovery, I hope Filipino businesses will be as aggressive in protecting their devices and their data as cybercriminals are persistent in preying on them,” Connell said.

Image credits: AP