Australia in top five ransomware victims but fares relatively well on malware

Australians were the fifth most-frequent victims of ransomware schemes over the past year but stayed out of the top 20 most at-risk countries for Web-based malware infections overall, according to new figures from security firm Kaspersky Labs.

Only the US, UK, India and Canada had more incidents of the Cryptolocker ransomware than Australia, according to Kaspersky Labs' Kaspersky Security Bulletin 2013 annual wrap-up of security detection figures.

Cryptolocker has proved to be a particularly stubborn example of ransomware, with one US police department forced to pay the ransom, victims hit for a second time after paying the ransom, and others offering advice about how to avoid it.

CryptoLocker is likely to serve as inspiration for copycat cyber-criminals in 2014, security firm WatchGuard Technologies has warned, noting that “it has affected millions and it is suspected that the authors have made a high return in their criminal investment” and that companies should “plan for a surge of ransomware” next year.

The list of countries most at risk of malware infection – based on detection figures returned by users of the company's security tools in each country – was topped by Azerbaijan, in which 56.29% of unique Kaspersky Labs users were flagged as having suffered an infection.

Kazakhstan (55.62%), Armenia (54.92%), Russia (54.50%), Tajikistan (53.54%), Vietnam (50.34%), Moldova (47.20%), Belarus (47.08%), Ukraine (45.66%) and Kyrgyzstan (44.04%) rounded out the top ten most-affected countries, although the 15-strong size of the cohort in what Kaspersky classed as the 'high risk' category had more than halved since 2012, when it included 31 different countries.

Australia was classified as being at moderate risk of malware infection, with the detection rate of 38.9% putting it just behind Italy (39.6%) and ahead of the USA (38.1%), Poland (37.6%), the UK (36.7%), Brazil (34.6%), China (32.2%), Japan (25.3%) and others.

Five specific malware attacks were detected on more than 10 percent of user computers, with the DangerousObject.Multi.Generic category found by 39.1% of individual users and Trojan.Win32.Generic close behind with 38.0%.

More specific common attacks included Trojan.Win32.AutoRun.gen (20.1%), Virus.Win32.Sality.gen (13.4%), and Exploit.Win32.CVE-2010-2568.gen (10.6%).

Australia also ranked well on Kaspersky's metrics of local infections – which measures the rate of computer infection based on scans of computers, USB flash drives, camera and phone memory cards, and external hard drives.

Vietnam dominated that list with a 68.14% infection rate, with Bangladesh (64.93%), Nepal (62.39%), Mongolia (60.18%), and India (59.26%) rounding out the top five. The predominance of such countries reflected the relatively immature state of network infrastructure in those countries, where USB drives and other widely-shared media prove to be ready conduits for malware infections.

Australia was one of just nine countries with a low local infection rate, sitting between 24% and 33%. By comparison, the lowest infection rates were found in Denmark (14.74%), the Czech Republic (15.58%), Finland (15.93%), Cuba (17.18%), and Japan (18.93%).

Copyright © 2013 IDG Communications, Inc.

Microsoft's very bad year for security: A timeline