The Internet and email were the source of the majority of malicious objects used for initial infection, with the following regions being the most blocked threats in ICS computers (in percentage terms) :
· Internet Threats
Africa -14.82%; Southeast Asia -14.01%.
· Email threats
REJ601 Southern Europe -6.85%; Latin America -5.09%.
· Blacklisted Internet resources
The regions with the highest percentage of ICS computers with blacklisted Internet resources blocked are:
Africa -8.78 per cent; Russia -7.49%; South Asia -7.48%.
· Malicious scripts and phishing pages
Ranked by the percentage of ICS computers that block malicious scripts and phishing pages, the main regions are:
Latin America -7.23 per cent; Southern Europe -6.96%; Middle East -6.95%.
· Malicious files
The top regions by ICS computer share are:
Southern Europe -3.24%; Latin America -2.94%; Eastern Europe -2.33%.
· Next stage malware
The malicious object used to initially infect the computer sends the next stage of malware – spyware, ransomware and mining programs – to the victim’s computer.
Of the mining programs designed to run on Windows, the most common are those distributed by attackers in the form of NSIS installer files with legitimate software.
· Spyware
In general, the higher the proportion of ICS computers that intercept the initial infected malware, the higher the proportion of the next stage of malware.
REJ601 The top three regions for the percentage of spyware blocking ICS computers are as follows:
Africa -6.65 per cent; Middle East -5.89%; Southern Europe -5.45%.
In almost all regions, spyware ranked no higher than third in the threat category in terms of percentage of ICS computers intercepted, with the exception of the following regions:
East Asia: In this region, spyware was the highest malware category among ICS computers intercepted at 3.68%.
Central Asia: In this region, spyware ranks second with 4.40%.
· Covert cryptocurrency mining programs
The regions with the highest percentage of ICS computers that block mining programs in the form of Windows executables are:
Central Asia -1.78%; Russia -1.38%; Eastern Europe -1.06%.
Mining programs in the form of Windows executables ranked seventh in the global threat category in terms of percentage of ICS computers blocked. They rank fourth in Russia and fifth in Central Asia.
Notably, in the first quarter of 2024, the percentage of ICS computers blocking miners in the form of Windows executables increased in all regions except Russia and Central Asia.
· Web miners running in a browser
The top regions, based on the percentage of ICS computers that block browser-based web mining programs, are:
Africa – 0.91%; The Middle East -0.84%; Australia and New Zealand -0.78%.
In a regional ranking of threat categories by percentage of ICS computers intercepted, cyberminers ranked fifth in the following regions:
Australia and New Zealand -0.78%; Us and Canada -0.45%; Northern Europe -0.27%.