![]() |
Kim Gwi-ryun, security program manager at Microsoft Korea, speaks during a media conference at the firm's office in Seoul, Monday. / Courtesy of Microsoft Korea |
By Jun Ji-hye
Korea and other countries around the world are facing growing threats of cyberattacks such as supply chain compromises and cryptocurrency mining in addition to widespread phishing attacks, Microsoft Korea said Monday.
Cyberattack encounter rates in Korea have been relatively low compared to the world average, but the IT giant said organizations as well as individuals here are still encouraged to back up their data using cloud platforms while keeping operating systems and security software as up-to-date as they can.
The firm made the remarks at a media conference in Seoul, during which time it announced the annual Microsoft Security Intelligence Report.
"We analyzed over 6.5 trillion security signals a day in 2018 to publish the threat intelligence report and share expert insights with clients," said Kim Gwi-ryun, security program manager at Microsoft Korea.
She said supply chain attacks have become a broad category of threat, while software supply chain attacks have been increasing in the last few years.
She cited an example of the popular system cleanup software CCleaner, which suffered a massive supply chain malware attack in September 2017, infecting over 2.3 million users who downloaded or updated their CCleaner app.
The firm also found that cyber criminals are injecting mining software into an unsuspecting user's or organization's machine, using the machine's computer power to mine for cryptocurrency to generate revenue illegally.
"We have noticed that as the value of cryptocurrency rises and falls, so does the mining encounter rate," she said.
Korea's cryptocurrency mining encounter rate in 2018 was 0.05 percent, which was 58 percent lower than the world average.
Kim said users can hardly detect cryptocurrency mining encounters, as the only symptom that users can recognize would be decreases in system performance.
She said the key threat is that once an attacker has a foot in the door, they can easily turn that mining software into something with more malicious intentions if needed.
The firm also noted phishing attacks appear to still prevail, saying inbound emails that were phishing messages increased 250 percent in 2018.
The IT company called on organizations to use cloud computing services for automatic backup and implement network segmentation.
"More importantly, companies need to carry out regular education on cybersecurity for their employees," Kim said.
Individual users are encouraged to use the newest anti-virus systems and licensed software, she added.