Complex Made Simple

‘Social engineering’ malware attacks on the rise in the UAE

Kaspersky Lab says it has seen nearly 3.5 million social engineered malware attacks in the UAE, within its security network alone.

Social engineering attacks require participation, with the user downloading a malicious file to their computer – often via email or social networks because of a perceived ‘trusted’ source. Or a cybercriminal can trick a victim into believing they are downloading a legitimate program.

Kaspersky Lab detected 3,496,847 internet-borne malware incidents on KSN-connected machines in the UAE between January and June this year. Overall, 38.3% of users from the UAE were attacked by web-borne threats during this period. This ranks the UAE 31st worldwide for malware threats of this type.

“Cybercrime evolved three years ago,” says Dmitry Bestuzhev, Head of Kaspersky’s Global Research and Analysis Team. ” were only operating on the black market, but now their money and own security has increased. Their evolution has not finished, there are new challenges daily.”

“We have several kinds of players – some have been on the scene for a long time, but we also see a great number of ‘newbie’, rookie guys. Now it’s as easy as finding a malware kit via Google and detailed instructions on Yahoo Answers,” Bestuzhev told AMEinfo.

Web browser-based attacks the main cause of malware spread

Attacks via browsers are the primary method for spreading malicious programs to individual web users. Sometimes vulnerabilities are exposed via plugins, or in the browsers themselves, after a user visits an infected website. This is the number one method used by cybercriminals worldwide.

Infection in this type of attack takes place when visiting an infected website, without any intervention from the user and without their knowledge. Protection against these attacks requires a security solution capable of detecting threats as they are downloaded and frequent updates for the browser and its plugins.

In the same period of January-June 2012, Kaspersky detected 6,662,154 ‘local malware’ incidents on the computers of Kaspersky Security Network (KSN) participants in the UAE. This data shows how frequently users are attacked by malware spread via removable USB drives, CDs and DVDs, and other “offline” methods.

Overall, 45.9% of users from the UAE were attacked by local threats during this period. This puts UAE in the 68th place worldwide. Protection against such attacks not only requires an antivirus solution capable of treating infected objects but also a firewall, anti-rootkit functionality and control over removable devices.

Malware – a global perspective

Kaspersky recorded the source of the malware threats and found the share of malicious incidents caused by malware hosted in the UAE was less than 0.1% – or 344,685 incidents in the period January-May 2012. This puts the UAE in 51st place worldwide.

In order to provide an accurate assessment of the level of risk of infection for computer users around the world, Kaspersky has calculated the frequency of user events as a percentage for each country, based on antivirus program data.
• Extremely high-risk, over 60% of users report web attacks
• High-risk, 41-60%;
• Average-risk, 21-40%;
• Low-risk, 20% (relatively safe countries)

Top 20 countries in which users were most frequently subjected to online attacks:

Rank / Country / % of attacked users

1. Russian Federation 59.0%
2. Tajikistan 56.3%
3. Azerbaijan 55.9%
4. Armenia 55.5%
5. Kazakhstan 54.2%
6. Belarus 51.5%
7. Sudan 51.1%
8. Bangladesh 50.3%
9. India 48.6%
10. Sri Lanka 48.3%
11. Ukraine 47.4%
12. Turkmenistan 47.3%
13. Oman 46.7%
14. Moldova 46.1%
15. Uzbekistan 46.0%
16. Maldives 43.5%
17. Italy 43.5%
18. Cote d’Ivoire 43.4%
19. Iraq 43.2%
20. Indonesia 42.9%

31. United Arab Emirates 38.3%