Jeﬀ Hurmuses, Area VP for Asia Pacific, Malwarebytes
What are some common misconceptions that people have about antivirus software?
The perception is that I have an antivirus and I’m protected. The reality is that the threat of the attack has changed dramatically. You are no longer protected by a signature-based technology. You need to defend yourself against the unknown. And you need a multiple-layered approach.
Malwarebytes provides seven layers of protection. There are two layers based on signatures — that’s the known. And then we have five layers of the unknown, which are based on the telemetry we receive. Every day, 500,000 people download our software for free. Every day, we stop three million pieces of malware.
All this data goes into a huge database. It provides us with the telemetry to protect our customers from the unknown.
Could you give a specific example of how the attack has changed?
I was just in a large international school in Singapore and we did a proof of concept there. They use one of our competitors, and they wanted to see what Malwarebytes is all about.
We plugged into their system for a month and came back with the report. There were 4,000 potentially unwanted programs, even though they had a signature- based technology. 60 of the 71 computers in the administration had not updated Flash. And 10 of these computers were infected with Bitcoin miners. They thought they were protected. And what I’m trying to tell them is that the attack has changed.
What’s something that worries you right now?
One of the big issues right now is dwell time. Dwell time is the amount of time that an exploit kit or something nasty is sitting in your computer. And dwell time continues to go up. The average dwell time in Asia is much higher than it is in the rest of the world — it’s 176 days. That means, for an average of 176 days, something bad is sitting on a computer in Asia-Pacific.
People understand that they should have antivirus on their computers. But what about their mobile devices?
The worrying thing is that ransomware detection in the Asia Pacific was up 1,000 percent year over year. There three countries in the Asia Pacific that are in the top 10 globally — Indonesia, India, and Thailand. That’s just ransomware.
Android ransomware is up 1,173 percent (ed: in the first quarter of 2018, compared to the last quarter of 2017). It’s huge, again, with three countries in the Asia Pacific that are in the top 10 globally — Indonesia, India, and the Philippines. 15 percent of Android infections for the last 12 months are in Asia. Why is that?
There are a lot of mobile phone manufacturers in Asia. And what’s the big driving factor for them? It’s reducing costs. Well, guess what? Security is an expensive feature and it’s the first thing they normally drop. There are also app stores that have malicious software and people are putting them on their smartphones. All these things make the world a much more unpleasant place when it comes to security on phones and devices.
Is there something you’d wish people would ask you that they normally don’t?
I’d love if somebody asked me point-blank, “how bad is it?” Because it’s bad. We’re talking about 16 attacks a day, and those are the ones we know about (ed: Symantec ranked Singapore 42nd globally in terms of ransomware, with 16 total attacks a day in 2015). People just don’t know and there’s a lot to be done out there.
“They thought they were protected. And what I’m trying to tell them is that the attack has changed.”
PICTURE PHYLLICIA WANG