About this report
The report supplements the global Kaspersky Security Bulletin and supplements global statistics and threats overview with local data for specific country. Both reports are based on data obtained and processed using the Kaspersky Security Network (KSN). KSN integrates cloud-based technologies into personal and corporate products and is one of Kaspersky Lab’s most important technologies.
Global Kaspersky Security Bulletin for Q3 2013 is published at Securelist.com.
KSN assists Kaspersky Lab’s experts to swiftly detect new malware in real time when no corresponding signature or heuristic detection exists. KSN helps to identify sources of malware proliferation on the Internet and blocks user access to them.
Due to KSN’s very rapid response to new threats we are able to block new programs from launching on users’ computers within seconds after of them being detected, and without having to update the antivirus database first.
Mr. Altaf Halde, Managing Director, Kaspersky Lab – South Asia,
said, “The threat landscape in the country continues to evolve, with cyber criminals finding innovative tactics and means to attack users. This report states that India is constantly climbing on top of charts, across various type of threats. At Kaspersky, we are constantly striving to protect and create awareness of all the local threats (malware spread via removable USB drives, CDs and DVDs, and other “offline” methods). We hope that with the release of such reports, users become more and more aware that their data across various platforms is at risk, and take necessary precautionary measures accordingly.
The statistics in this report (except for spam) are based on completely anonymous data obtained from Kaspersky Lab products installed on users’ computers in India and was acquired with the full consent of the users involved.
Web threats
Attacks via browsers are the primary method for spreading malicious programs. The following methods were used most often by cybercriminals to penetrate systems:
Exploiting vulnerabilities in browsers and their plugins (drive-by download).
Infection in this type of attack takes place when visiting an infected website, without any intervention from the user and without their knowledge. And this is the number one method utilized by cybercriminals, the one used in the majority of attacks. Protection against such attacks requires an Internet Security class solution capable of detecting threats as they are being downloaded from the Internet and the timely installation of all the latest updates for the browser and its plugins. Another key technology, developed by Kaspersky Lab, is Automatic Exploit Prevention, designed specifically to fight complex web threats, exploiting newly discovered vulnerabilities in software.
Social engineering
These attacks require user participation, with the user having to download the malicious file to their computer. This happens when the cybercriminal tricks the victim into believing they are downloading a legitimate program. Protection against such attacks requires a web antivirus solution capable of detecting threats as they are being downloaded from the Internet.
In the period July-September 2013 Kaspersky Lab products detected 21,946,308 Internet-borne malware incidents on the computers of KSN participants in India.
Overall, 33.8% of users were attacked by web-borne threats during this period.
This places India in the 18th place worldwide when it comes to the dangers associated with surfing the web.
Local threats
The use of local infection statistics for user computers is an extremely important indicator. Worms and file viruses account for the majority of such incidents. This data shows how frequently users are attacked by malware spread via removable USB drives, CDs and DVDs, and other “offline” methods.
Protection against such attacks not only requires an antivirus solution capable of treating infected objects but also a firewall, anti-rootkit functionality and control over removable devices.
In the period July-September 2013 Kaspersky Lab products detected 146,502,614 local malware incidents on the computers of KSN participants in India.
Overall, 52.3% of users in this country were attacked by local threats during this period. This puts India in the 4th place worldwide.
Malicious hosts
When a Kaspersky Lab customer is attacked by an online threat, we record the source of this threat – the location of the malicious objects that tried to infect the system. Based on that data, the share of malicious incidents caused by malware hosted in India was 0.08% – that is 388,277 incidents in the period July-September 2013.
This puts India in 39th place worldwide.
Spam Sources
A separate Kaspersky Lab’s service identifies spam messages in global e-mail traffic and tracks their source. Based on that data, the share of spam sent via computers and servers based in India was 3.72% in July-September 2013. This puts India in the 7th place worldwide.
