The Philippines remains one of the top targets for cyberattacks in 2024, ranking third worldwide in internet-borne threats, according to Kaspersky’s latest report.

Kaspersky’s General Manager for Southeast Asia, Yeo Siang Tiong, said on Tuesday that the country’s higher ranking, despite the drop in detected threats, indicates that cybercriminals are becoming more sophisticated and relentless.

“This should serve as a wake-up call for businesses and individuals in the Philippines. It’s time to strengthen their defenses and stay vigilant against evolving online threats,” Yeo said.

“Filipinos are known to be active online, so cybersecurity should no longer be just an option but a necessity in today’s digital landscape.”

In 2024, Kaspersky Security Network recorded 14,101,706 web threats targeting Filipino users, with 42.3 percent of users facing cyber risks.

Despite the decline in total attacks from 26,164,698 in 2023, when 48 percent of users were affected, the Philippines climbed from fourth to third place in the global rankings, behind Belarus and Moldova.

Exploiting vulnerabilities

Web threats refer to cyberattacks that exploit vulnerabilities in web browsers, plugins, and online platforms to deliver malware and other harmful content to unsuspecting users.

Cybercriminals often use two main methods to penetrate systems: drive-by downloads and social engineering attacks.

Drive-by downloads occur when users visit compromised websites that automatically install malware without their knowledge or consent.

Social engineering attacks, on the other hand, trick users into downloading malicious files by disguising them as legitimate programs, often through phishing emails, fake websites, and misleading advertisements.

Yeo explained that the fluctuation in cyber threat numbers does not necessarily indicate a steady decline in attacks.

Continue stronger defense

Thus, he warned that while the decrease in detected threats may suggest improved cybersecurity measures, the Philippines’ higher ranking highlights the continued need for stronger defenses.

The cybersecurity firm urged individuals and organizations to adopt comprehensive protection strategies to safeguard against evolving online risks.

For individuals, Kaspersky recommends avoiding downloads from unverified sources, refraining from clicking on suspicious links or advertisements, creating strong and unique passwords, enabling two-factor authentication and regularly updating software to patch vulnerabilities.

It also advised users to never disable security systems, even if prompted and to use cybersecurity solutions that offer real-time protection against phishing, malware and ransomware.

Update regularly

Organizations, meanwhile, should ensure all systems are regularly updated, implement strong password policies with multi-factor authentication, and deploy behavior-based detection tools to mitigate sophisticated threats.

Businesses are also encouraged to leverage advanced cybersecurity solutions to detect, analyze and respond to potential cyber threats while staying informed about the latest cybersecurity developments to improve security strategies and incident response efforts.