South Africa is one of the safest online surfing environments in the world.
This is according to a Kaspersky Lab review of the malware situation in Q3 2014, which reveals during the quarter, only 16% of the computers in SA were infected.
The other safe countries were Singapore (10.5%), Sweden (12.4%), Denmark (13.2%), Japan (13.3%), Finland (16.1%), and the Netherlands (16.6%).
Explaining the findings, Ghareeb Saad, senior security researcher, Global Research & Analysis Team, Middle East, Turkey and Africa at Kaspersky Lab, says this could be mainly due to South African users' behaviour while browsing the Internet.
He believes South African users might have higher awareness of cyber threats and a better understanding of how to keep safe while online.
"Among other factors could be the Internet penetration and the quality as well as speed of Internet services in South Africa, which makes users more dependable on local resources and removable media in transferring and exchanging data, As a result, users' access to malicious resources online is limited," Saad says.
Methodology
He explains, in order to assess in which countries users faced cyber threats most often, the security solutions vendor calculated how often Kaspersky Lab users - those who have consented to provide their statistical data - encountered detection verdicts by the Web anti-virus module on their machines.
The percentage means the ratio of unique users whose computers have been targeted by Web attacks to the number of all unique users of Kaspersky Lab products in the country. Countries with a relatively small (less than 10 000) number of Kaspersky Lab products users were excluded.
The resulting data characterises the risk of infection computers are exposed to in different countries across the globe, providing an indicator of the aggressiveness of the environment in which computers work in different countries, he adds.
"South Africa was one of the countries with the safest online environments, with 16% of users exposed and subjected to at least one Web attack during the past three months," he notes.
He believes the most effective way to increase Web surfing safety is to improve users' cyber security awareness and educate them about the risks posed by the Internet and what loss or damage can be caused by Web threats.
Web attack sources
According to the report, there are major changes in the main sources of Web attacks. In Q2, the top five positions in the ranking were occupied by Germany, the US, the Netherlands, Russia and Canada, respectively.
In Q3, the US made a big leap (+11.2pp), landing in the top position with 33%. Germany dropped to third place (13.5%) and the Netherlands moved into second place (18%). Ukraine reached fifth place (4%), pushing Canada out of the top five. Russia remained in fourth position with 9%, says Kaspersky Lab.
"When identifying or ranking locations where cyber-attacks originate, we depend on the physical location of the online resources that were used in attacks and blocked by our anti-virus components (Web pages containing redirects to exploits, sites containing exploits and other malware, botnet command centres, etc)," Saad says.
"Any unique host might become a source of one or more Web attacks. In order to determine the geographical source of Web-based attacks, domain names are matched up against actual domain IP addresses, and then the geographical location of a specific IP address is established."
Nonetheless, he points out these locations don't reflect the attackers' locations or origins, but mainly identify countries where attackers prefer to host their command and control or malicious pages.
He says many factors could affect the attackers' choices, for example hosting prices, cyber crime laws and ease of taking down malicious resources in these countries.
Kaspersky Lab says an extremely dangerous vulnerability known as Bash/ShellShock dominated the newsfeeds in Q3. Bash is easily exploited, providing full access to the operating system on popular devices - routers, wireless access points etc.
Additional findings
In addition to this incident, Kaspersky Lab's Global Research and Analysis Team discovered two cyber-espionage campaigns that hit more than 2 800 high-profile targets in more than 45 countries across the globe. As for non-targeted mass attacks, their geographical distribution is becoming truly global. Attacks by mobile malware alone were detected in 205 countries.
It says over a billion malicious attacks were blocked on the computers and mobile devices of Kaspersky Lab users - 33.1% more than in the previous quarter.
Two cyber-espionage campaigns - Crouching Yeti and Epic Turla - affected high-profile victims in at least 10 industries, including government institutions, embassies, military, research organisations and IT companies.
About 110 million unique URLs that triggered Web anti-virus detections were recorded - 31% more than in Q2.
Some 74 500 new mobile malware samples were added to Kaspersky Lab's collection. This is 14.4% more than in Q2.
Over 7 000 mobile banking Trojans were detected - 3.4 times more than in the previous quarter; and banking Trojan attacks were detected in 70 countries, compared with 31 countries in Q2.
Share