Microsoft last week released the Microsoft Security Intelligence Report volume 14 (SIRv14), an biannual report includes data from the second half of 2012 and contains threat intelligence from over a billion computers worldwide.
According to Microsoft, the Malicious Software Removal Tool (MSRT) detected malware on 2.2 of every 1,000 computers scanned in Hong Kong in the Q4 2012, compared to the worldwide average of 6.0. The study also found 6.23 phishing sites per 1,000 hosts in Hong Kong, up from 6.01 in the third quarter of 2012, which is also higher than the worldwide average of 5.10
Concerning antivirus, the study shows 2.5 out of 10 computers on average do not use up-to-date Antivirus. Without this vital protection layer, computers are 5.5 times more likely to be infected with malware, the report shows.
"People intuitively understand the importance of locking their front door to prevent their homes from being broken into. Computer security is no different. Surfing the internet without an up-to-date Antivirus is like leaving your front door open to criminals," said Tim Rains, director, Microsoft Trustworthy Computing. With the release of this new research, Microsoft is urging people to make sure they have up-to-date Antivirus installed on their computers."
"Regardless of whether you use a free or paid for solution, the importance of Antivirus cannot be overstated," Rains added. "By taking the proper measures to protect your computer, including the most basic step of installing Antivirus, people can dramatically reduce their risk of becoming a victim."
In an interview with Asia Cloud Forum, Rains explains whether enterprises can guard themselves against these cyber threats with cloud adoption, and whether a computer can still be compromised by using public cloud services.
Asia Cloud Forum (ACF): Is cloud adoption a sure way to guard enterprises against the cyber threats described in SIRv14?
Tim Rains (TR): There are two parts of the cloud. There is the data center, and there are also clients that are being used to access the cloud. If the clients are compromised by malware identified in the SIRv14 report, the data might be [still be] safe from the data center, but now it's being accessed by clients that are compromised.
Often times I call that the forgotten part of cloud security. Because people are very focused on the data center security, but they should be equally focused on the client side [to guard against various cyber threats.]
ACF: Can my computer be still compromised by malware if I use a public cloud service hosted in a third-party facility?
TR: If you are using your laptop, for example, to access any cloud-based service, if there is malware on that system, then there are a lot of malware that you can keystroke log in, which watches as you key in. Certain malware actually does screen scripting, which enables it to see what's on your screen. These malware can also enable your microphone and your camera in order to get all sorts of information. And so, one of the key things that [cloud service] customers have to do, is to figure out which content or what data is appropriate to store on the cloud, and what they have to store locally.
Sign up for CIO Asia eNewsletters.