PHL among most targeted by malicious URL attacks — report
THE PHILIPPINES placed fifth in a global ranking of economies that logged the highest number of accessed malicious Uniform Resource Locators (URLs) in 2023, cybersecurity software company Trend Micro said.
According to its latest annual cybersecurity report, Filipinos accessed 76.73 million malicious URLs.
Still, this was a 20% decline from 2022.
Ahead of the Philippines were Japan, which led the ranking with 823,06 million accessed URLs, followed by the United States with 382.88 million, Taiwan with 95.1 million, and China with 84.3 million.
“We’re blocking more threats than ever before for our customers. However, adversaries showed a variety and sophistication of tactics, techniques, and procedures (TTPs) in their attacks, especially in defense evasion,” Trend Micro Philippines Country Manager Ian Felipe said in a statement.
Mr. Felipe said network defenders should continue to proactively manage risks.
“Understanding the strategies favored by our adversaries is the foundation of effective defense.”
Meanwhile, Trend Micro also reported that among other threats detected in the Philippines, e-mail threats went down by 27% year on year, while URL hosted and URL victim threats fell 34% and 20%, respectively.
The firm also saw botnet victims go down by 27% and online banking malware drop by 46%.
Meanwhile, malware detections in the country rose by 12% year on year.
Southeast Asian countries including the Philippines recorded an overall increase in ransomware detections, making up more than half (52%) of the global number, largely attributed to significant detections within Thailand.
“Other markets such as Indonesia, Malaysia, Singapore, and the Philippines saw a decline in ransomware detections, similar to the overall global trend. In the Philippines, the number of ransomware detections fell by 93%,” Trend Micro said.
The report also showed that the Philippine government was mostly targeted in advanced persistent threat campaigns.
It said that threat actor Earth Estries, known to deploy cyber espionage campaigns, targeted government organizations and technology industries in the Philippines, Taiwan, Malaysia, South Africa, Germany, and the US.
Earth Estries uses public services such as GitHub, Gmail, AnonFiles, and file.io to exchange and transfer commands and stolen data.
In addition, it also identified China-based group Mustang Panda attacked government organizations in the country using “components of legitimate software commonly used in Southeast Asia for DLL (Dynamic Link Library) sideloading.”
Meanwhile, globally, Trend Micro said detected threats rose to 161 billion in 2023 from 146.4 billion in 2022.
It blocked 73.8 billion e-mail threats, 2.3 billion malicious URLs, 82.1 billion malicious files, 87.5 billion e-mail reputation queries, 4.1 trillion reputation queries, and 2.3 trillion file reputation queries. — Aubrey Rose A. Inosante