Thailand faces big risk from malware

[webfact]

SURVEY
Thailand faces big risk from malware
ASINA PORNWASIN
THE NATION

Asia-Pacific region most targeted for cybercrime, Microsoft says

BANGKOK: -- THAILAND is among the top 25 malware-infected nations globally, according to the Microsoft Digital Crimes Unit. There are more than 5 million IP (Internet protocol) addresses connected to millions of malware-infected devices observed in Asia and Thailand.

According to Microsoft Asia-Pacific CIO Survey, this region is the most actively targeted for cybercrime attacks. A white paper published by the National University of Singapore and market-research firm Inter-national Data Corporation estimates that Asia-Pacific consumers would have spent about US$10.8 billion (Bt383 billion) on the identification, repair and recovery of data and dealing with identity theft from malware on pirated software last year.

The study also projects that infected pirated software and lost data would have cost enterprises in the region $229 billion - more than 45 per cent of the world total - for the same year.

Keshav Dhakad, Microsoft director for intellectual property and digital crimes in Asia, said yesterday that Microsoft was committed to expanding its cybercrime-fighting work worldwide to protect computer users, customers and governments through intelligence-sharing partnerships and public-private collaboration.

As individuals and organisations in Thailand become more connected with their devices and information systems, they are also increasingly vulnerable to the exploits of cybercriminals seeking opportunities to steal private, financial and confidential data.

As the vulnerabilities of the digital world are increasingly thrust under the spotlight amid growing reports of cybersecurity incidents, there will likely be a flight to quality and trust among technology users.

"We work as a global team, but Thailand has also benefited. Microsoft's DCU [Digital Crimes Unit] head office is located in Redmond [Washington state] and it has five satellite cybercrime centres in Singapore, Japan, Germany, China and Washington, DC," Dhakad said.

"Our satellite in Singapore takes care of cybersecurity in Southeast Asia. We also work with Interpol, to deal with cyberattacks."

Regarding the Armed Forces' "cyber army" unit, Admiral Pongthep Nhuthep, senior adviser of the Royal Thai Navy, said the Navy has had similar unit for more than four years.

The cyber-force will take care of any kind of cyberattacks. This unit consists of more than 10 soldiers who are cybersecurity specialists.

Pongthep acted as the assistant chief of staff for operations of the Navy taking care of the Naval Communi-cations and Information Technology Department for two years, he found that there were on average a couple of cyberattacks per when? on the Navy's computer systems, mostly its human resource and payroll databases.

"At the Royal Thai Navy, its agencies are divided into groups to do attacks on each other. It is a kind of practice and test of our cybersecurity system and skills," he said.

Yanaphon Youngyuen, president of the Thailand Information Security Association (Tisa), said countries around the world needed a cyber-army to defend against cyberattacks.

Tisa is now playing the role of coordinator to link stakeholders in the cybersecurity industry including government agencies.

Prinya Hom-Anek, a cybersecurity specialist, said there were three levels of hacking - cybercrime (to make money via ransomware), cyber-espionage (of intellectual property) and cyberwarfare (sponsored or carried out by states). "The cyber-army idea is proposed to deal with all these three hacking levels. It is not designed to fight with their own citizens," he said.

Cybersecurity threats and trends next year are the emerging hacking industry, undefined or unknown threats, security of things, Internet of Trust, security-driven architecture, vulnerable suppliers, information of things and the data-science revolution, C-Generation lifestyle in the digital economy, cyber-security-centric and resilience in action, IT-related and security capabilities and competence gaps.

Source: http://www.nationmultimedia.com/politics/Thailand-faces-big-risk-from-malware-30271838.html


-- The Nation 2015-10-29

For information on how to protect your business's IT systems. Contact [email protected]

[noitom]

Thailand very infected with malware. But no need for concern, the Thai navy is testing and practicing.

[AyG]

Microsoft was committed to expanding its cybercrime-fighting work worldwide to protect computer users, customers and governments through intelligence-sharing partnerships and public-private collaboration.

Hey, Microsoft, how about making your operating system secure then you won't need intelligence-sharing and public-private collaboration? Others have done it (Linux, BSD, Solaris). It's not rocket science.

[KittenKong]

Hey, Microsoft, how about making your operating system secure then you won't need intelligence-sharing and public-private collaboration? Others have done it (Linux, BSD, Solaris). It's not rocket science.

This is not Microsoft's fault.

The reason that so many PCs in Thailand are infected is that they use pirated software with the updates turned off. I have no sympathy for thieves when their greed bites them in the backside.

[BuaBS]

And that from a company who infects millions with their malware/spy OS : win 10.

[AyG]

Hey, Microsoft, how about making your operating system secure then you won't need intelligence-sharing and public-private collaboration? Others have done it (Linux, BSD, Solaris). It's not rocket science.

This is not Microsoft's fault.

The reason that so many PCs in Thailand are infected is that they use pirated software with the updates turned off. I have no sympathy for thieves when their greed bites them in the backside.

Yes it is Microsoft's fault. There has never, ever been even a single widespread Linux, BSD or Solaris virus or malware infection because these operating systems were designed with security built in. Security was completely ignored in the early versions of Windows. Subsequently attempts were made to retro fit it, but the code base for Windows is such a mess that these attempts have proven ineffective. Microsoft have tried to sticking plaster the problem with Windows Defender, rather than addressing the underlying problem: insecurity.

What really needs to be done is either a complete rewrite of Windows starting with a decent security model, or to go down the MacOS/OSX route and change to having Unix (or another secure operating system) at the heart of the operating system and then focusing on the look and feel of the system. Either route, however, would be a gargantuan challenge.

[ehw200]

how about the governments of the world get together, track these people down, put them in jail and throw away the key

also seize any or all assets to compensate their victims

[WhizBang]

Hey, Microsoft, how about making your operating system secure then you won't need intelligence-sharing and public-private collaboration? Others have done it (Linux, BSD, Solaris). It's not rocket science.

This is not Microsoft's fault.

The reason that so many PCs in Thailand are infected is that they use pirated software with the updates turned off. I have no sympathy for thieves when their greed bites them in the backside.

That is absolutely not true. While pirated software may be infected, it is not infected by the crackers. Most infections come via iffy web sites and unsolicited emails.

[KittenKong]

Hey, Microsoft, how about making your operating system secure then you won't need intelligence-sharing and public-private collaboration? Others have done it (Linux, BSD, Solaris). It's not rocket science.

This is not Microsoft's fault.

The reason that so many PCs in Thailand are infected is that they use pirated software with the updates turned off. I have no sympathy for thieves when their greed bites them in the backside.

That is absolutely not true. While pirated software may be infected, it is not infected by the crackers. Most infections come via iffy web sites and unsolicited emails.

What I wrote is true.

Thais commonly use stolen pirated software with the updates turned off because they are cheap. They turn off the updates to ensure that their software keeps working, but at the same time they are turning off any updates that may be designed to protect them from new malware or other threats (anyone with a legal version of Windows will know that official security updates happen at least every month, sometimes every week).

It's no-one's fault but their own and they deserve everything bad that happens to them.

[KittenKong]

Yes it is Microsoft's fault. There has never, ever been even a single widespread Linux, BSD or Solaris virus or malware infection because these operating systems were designed with security built in.

This is an old argument.

The reason that there are few attempts at writing malware/viruses etc for Linux and other operating systems is because hardly anyone uses them. The market simply is not there.

In exactly the same way most commercial games and other commercial software are never released for these minor operating systems.

In a car park full of Rolls-Royces would anyone steal a Lada?

[zaphod reborn]

China is the hub of malware. Because so many Thais connect with Chinese websites, their computers are also infected. Baidu is one big transmitter of viruses.

Isn't it strange that this "survey" and the Nation's article are published immediately following Prayuth's rant about needing a cyber security army. Obviously, the Nation has no qualms about being the PR and propaganda arm of the junta.

[SpaceKadet]

Hey, Microsoft, how about making your operating system secure then you won't need intelligence-sharing and public-private collaboration? Others have done it (Linux, BSD, Solaris). It's not rocket science.

This is not Microsoft's fault.

The reason that so many PCs in Thailand are infected is that they use pirated software with the updates turned off. I have no sympathy for thieves when their greed bites them in the backside.

That is absolutely not true. While pirated software may be infected, it is not infected by the crackers. Most infections come via iffy web sites and unsolicited emails.

What I wrote is true.

Thais commonly use stolen pirated software with the updates turned off because they are cheap. They turn off the updates to ensure that their software keeps working, but at the same time they are turning off any updates that may be designed to protect them from new malware or other threats (anyone with a legal version of Windows will know that official security updates happen at least every month, sometimes every week).

It's no-one's fault but their own and they deserve everything bad that happens to them.

Totally false Kitten. Pirated Windows products will activate and download all updates, and will not stop working. They will even update and activate to Windows 10 without any issues.

[AyG]

Yes it is Microsoft's fault. There has never, ever been even a single widespread Linux, BSD or Solaris virus or malware infection because these operating systems were designed with security built in.

This is an old argument.

The reason that there are few attempts at writing malware/viruses etc for Linux and other operating systems is because hardly anyone uses them. The market simply is not there.

I guess you've been drinking the Microsoft Kool-Aid.

Putting it very simply, to install new software in Windows doesn't require any special privileges. With Linux, every time you install new software you have to enter the administrative password. That's why it's so easy for Windows malware to thrive: you can install new software without typing a password. In Linux you can't.

As for "hardly anyone uses [Linux]", according to W3Cook (May 2015), 96.6% of Internet web servers use Linux vs. 1.7% using Microsoft Windows, so it's not "hardly anyone".

[KittenKong]

As for "hardly anyone uses [Linux]", according to W3Cook (May 2015), 96.6% of Internet web servers use Linux vs. 1.7% using Microsoft Windows, so it's not "hardly anyone".

Those aren't people. Nor do they visit websites or read email.

[KittenKong]

Putting it very simply, to install new software in Windows doesn't require any special privileges. With Linux, every time you install new software you have to enter the administrative password. That's why it's so easy for Windows malware to thrive: you can install new software without typing a password. In Linux you can't.

Anyone concerned about that possibility can simply run a Windows user account without admin privileges.

[KittenKong]

Totally false Kitten. Pirated Windows products will activate and download all updates, and will not stop working. They will even update and activate to Windows 10 without any issues.

Some may, most wont.

[easybullet3]

if there is any MalWare, it is because of 'lack of English Understanding'.. people clicking on Virus emails without understanding what they are clicking. or clicking on Adverts to "Clean up your computer".

MalWare is NOT from installing Pirate Windows or Pirate versions of Software from the Pirate Software sellers at IT City or Pantip.

Malware is from clicking on 'links' or opening files from suspiscious sources.

The Internet Providers in Thailand do LITTLE to warn people about Viruses and Malware. They dont do much to warn people to have an Anti-Virus.

The issue is with Thailands ability to inform its users about the importance of Antivirus.

Also: There is not much online HELP available for Thai People (in Thai Language) on how to FIX computer problems.

if someone can speak English, then they have LOADS of info online how to clean almost any virus or malware.

unfortunately a huge lack of info for thai people. and this is why thailand maybe HIGH risk for malware.

its NOTHING TO DO with pirated windows etc...

[petermik]

Thailand very infected with malware. But no need for concern, the Thai navy is testing and practicing.

The intended purchase of a submarine is indeed proof

[Chicog]

Microsoft was committed to expanding its cybercrime-fighting work worldwide to protect computer users, customers and governments through intelligence-sharing partnerships and public-private collaboration.

Hey, Microsoft, how about making your operating system secure then you won't need intelligence-sharing and public-private collaboration? Others have done it (Linux, BSD, Solaris). It's not rocket science.

Ah that's right, they never have to patch Linux, BSD or Solaris.

When are you going to make that claim about OSX and iOS?

[Chicog]

Hey, Microsoft, how about making your operating system secure then you won't need intelligence-sharing and public-private collaboration? Others have done it (Linux, BSD, Solaris). It's not rocket science.

This is not Microsoft's fault.

The reason that so many PCs in Thailand are infected is that they use pirated software with the updates turned off. I have no sympathy for thieves when their greed bites them in the backside.

Yes it is Microsoft's fault. There has never, ever been even a single widespread Linux, BSD or Solaris virus or malware infection because these operating systems were designed with security built in. Security was completely ignored in the early versions of Windows. Subsequently attempts were made to retro fit it, but the code base for Windows is such a mess that these attempts have proven ineffective. Microsoft have tried to sticking plaster the problem with Windows Defender, rather than addressing the underlying problem: insecurity.

What really needs to be done is either a complete rewrite of Windows starting with a decent security model, or to go down the MacOS/OSX route and change to having Unix (or another secure operating system) at the heart of the operating system and then focusing on the look and feel of the system. Either route, however, would be a gargantuan challenge.

Most of the insecurities remaining on the Internet, using such examples as SMTP, are a direct result of Unix programmers paying NO attention to security whatsoever, with the naive assumption that the people who would use it would be nice idealists like themselves.

Windows is not that difficult to secure.

Most breaches are down to people not using Windows in a secure manner.

Clicking on links, downloading any old program, not running A/V, not patching and so on.

Just because a few OS's do the patching themselves, this does not make them inherently secure.

And in fact Windows 10 now emulates these by applying the updates itself (if you so choose).

However, I was waiting for you to try and play the Apple card.

There is nothing secure about any OS, and you have to do at least some work to keep yourself safe.

Trying to convince people otherwise is disingenuous at best.

And you're ignoring the fact that Windows is the most successful OS and therefore the primary target of hackers and criminals, hence the disparity of mass attacks on it compared to other operating systems.

Nice try, but no cigar.