Cybersecurity threats are on the rise in Thailand

Suchit Leesa-Nguansuk

Cybersecurity threats in Thailand are intensifying, the country’s ranking dropping last year to 18th-worst from 25th in 2016, with cryptojacking in particular on the rise, says Symantec, a leading information security firm.

“Cybersecurity threats in Thailand worsened in 2017, compared with 2016, because there were more connected devices and higher interest in cryptocurrencies and exchanges,” said Sherif El-Nabawi, senior director for Asia-Pacific system engineering.

Citing the “Symantec Internet Security Threat Report 2018”, he said of the 157 countries and territories Symantec’s intelligence systems charted globally last year, the cybersecurity threat environment in Thailand ranked seventh-worst in Asia-Pacific, a dip from ninth in 2016.

China, India and Japan are the three best when it comes to detections in the region, while the US, China and India were the top three globally in 2017.

“We found Thailand to be the 18th-worst worldwide when it comes to cryptomining attack threats, as well as the fourth-worst in Asia-Pacific,” said El-Nabawi.

Spam email also intensified, with Thailand dropping to 12th-worst last year, down from 16th in 2016.

Ransomware attacks likewise increased, with Thailand sliding to 21st in 2017 from 34th in the previous year.

Thailand also ranked 11th-worst for network attacks last year, down from 18th in 2016. The country further ranked 22nd for the number of web attacks last year, down from 26th in 2017.

But detection of malware, bots, and phishing hosts in Thailand improved, from 26th, 15th, and 26th in 2016 to be 30th, 17th and 27th place in 2017, respectively.

Rattipong Putthacharoen, system engineer lead for Thailand, Cambodia, Laos and Myanmar, said manufacturing, services and retail trade were the top three targets for malware, phishing and spam in Thailand, as cybersecurity protections in these sectors are still low.

Mr El-Nabawi said 2017 was the first year that Symantec included cryptomining in the study.

Cryptomining or cryptojacking occurs when a hacker clandestinely takes over a computer for the purposes of mining cryptocurrency.

Detection of coin miners on end-point computers increased by 8,500 per cent in 2017, with Symantec logging 1.7 million in December alone.

This is not surprising considering that bitcoin started 2017 priced below US$1,000 and finished out the year at US$14,000.

“Cybercriminals cashed in on cryptocurrency mining and have continued this year by targeting crypto-exchanges, wallet theft, phishing and fake mobile apps,” he said.

Attackers are also targeting corporate networks to harness the power of servers or supercomputers and engaging in cloud account hijacking, pushing up expenses for corporate cloud services.

Apart from cryptomining, Symantec has seen threats in the mobile space continue to grow every year, with the number of new mobile malware variants increasing by 54 per cent in 2017.

Last year, Symantec blocked an average of 24,000 malicious mobile applications each day.

As older operating systems remain in use, this problem has only intensified.

For example, with the Android operating system, only 20 per cent of devices are running the newest version and only 2.3 per cent have the latest possible update installed, said Mr El-Nabawi.

Symantec identified a 200 per cent increase in the number of instances where attackers inject malware implants into the software supply chain in 2017.

Read the original article at Bangkok Post