KARACHI: Pakistan is at the top among a handful of countries which attracted the highest rates of malware attacks in the second half of 2015, reveals the Microsoft Security Intelligence report Volume 20.

The report, which assesses software vulnerabilities and monitoring of malware and unwanted software with the help of sensors in systems running Microsoft anti-malware software, shows Pakistani internet users have the highest threat encounter rate and the fifth-highest infection rate in the world.

Founder and Director of the Digital Rights Foundation Nighat Daad says the vulnerability of Pakistani users to online threats may be due to a lack of education or reluctance to change the way people use the internet.

“Most people are not aware of security risks and vulnerabilities when using technology. However, even when they have been trained, it is very hard to change people’s behaviours. There is a perception that the internet is not part of the ‘real world’, so they believe threats they face will stay online and have nothing to do with physical security or real-world risk.

“After 3G and 4G were introduced in Pakistan, there has been greater access to the internet because it’s cheaper and people have started accessing it through mobile phones. People have become more willing to use social media websites but are not ready to learn about the security risks these websites offer or what privacy and security settings are. Many people surrender their data and privacy because they don’t even read the terms of agreement when they sign up for a service.”

Countries that attracted the fewest malware attacks include Japan, Finland, Norway and Sweden

Microsoft says millions of attacks occur each year when attackers have valid credentials, such as a user’s login and password, which can be obtained through malware or by other means.

Ms Daad believes training and education can be used to change people’s attitudes towards technology use. However, the onus is not just on internet users, she says.

“The government and telecom companies provide cheaper technologies but don’t teach users how to use them safely.

“Many people, for instance, don’t know what constitutes cybercrime. It’s very complicated and there are many technicalities involved. The government believes tighter legislation will make people change their behaviour, but they will just start misusing it like other laws and this is a worrying trend. The government should make legislation that can’t be misused. The government has spent two years drafting the cybercrime bill but there hasn’t been a single initiative to increase education among internet users.”

Highest threat encounter rate

Pakistan, Indonesia, the Palestinian territories, Bangladesh and Nepal are among locations with the highest threat encounter rates in the second half of 2015 (2H15).

Although there appeared to be a worldwide dip in threat encounter rates, they rose again after 2015 Q2. By the end of the year, an encounter rate of over 60 per cent was reported for Pakistan, the highest in the world as compared to the worldwide average of just over 20pc.

Threat families found to be unusually common in Pakistan included the worm family Win32/Ippedo, which was ranked third in Pakistan but 28th worldwide, and Win32/Nuqel, which was ninth in Pakistan but 71st worldwide.

Fifth-highest infection rate

Pakistan had the fifth-highest infection rate in the second half of 2015 after Mongolia, Libya, the Palestinian territories and Iraq at 71.3 Computers Cleaned per Mille (CCM). The worldwide average during this period was 16.9 CCM.

Microsoft’s infection rate metric, CCM, is defined as the number of computers cleaned per 1,000 unique computers by the Microsoft Malicious Software Removal Tool, a free tool distributed by the company’s update services, which removes over 200 “highly prevalent or serious threats from computers”, according to the report.

Infecting families unusually prevalent in Pakistan include the worm family Win32/Tupym, 13th in Pakistan and 110th worldwide, and the backdoor family Win32/Bifrose, which is 15th in Pakistan and 115th worldwide.

Countries that attracted the fewest malware attacks include Japan, Finland, Norway and Sweden.

Avoiding ordinary malware

Malware is transferred to a computer when an infected file is downloaded, Ms Daad says.

“If you receive an attachment or file you don’t expect, don’t download it. Open it online first. There are softwares called sandboxes that attachments can be put in to assess whether they are malware or safe.

“Ordinary anti-viruses are suitable for ordinary malware, but if the malware is coming from an organisation like The Hacking Team or Finfisher or other notorious companies that make malware to attack and target people, they are ineffective.”

Published in Dawn, May 6th, 2016