37% computers processing biometric face attempts to steal data: Kaspersky

According to cybersecurity company Kaspersky, a significant number of computers used to store and process biometric data faced at least one attempt of malware attack in the September-ending quarter. The study was conducted on computers with the cybersecurity company's products installed. The study shows a significant number of conventional malware samples were blocked. 

5.4 per cent of modern remote access Trojans were blocked, followed by malware used in phishing attacks at 5.1 per cent, ransomware at 1.9 per cent and Trojan bankers at 1.5 per cent. Of late, the biometric authentication method is replacing traditional authentication methods such as those based on logins and passwords.

Biometric authentication is used to access government and commercial offices, industrial automation systems, corporate and personal laptops and mobile phones. But researchers believe that biometric authentication systems have proved to have some serious security drawbacks.

Researchers examined targeted computers used to collect, process and store biometric data in the first nine months this year. It found out that 37 per cent of such computers faced at least one attempt of malware infection in Q3 2019.

READ | Hackers can access, manipulate your biometric data using sophisticated malware attack

The internet is the main source of threats for biometric data processing systems – threats with this source were blocked on 14.4% of all biometric data processing systems, as per the researchers. This category includes threats blocked on malicious and phishing websites, along with web-based email services.

"Our research shows that the existing situation with biometric data security is critical and needs to be brought to the attention of industry and government regulators, the community of information security experts, and the general public," said Kirill Kruglov, senior security expert, Kaspersky ICS CERT.

8 per cent of threat contribution comes through removable media, which are most often used to distribute worms in the form of download spyware, remote access Trojans and ransomware and infect computers.

Threats blocked in email clients were ranked third at 6.1 per cent. In most cases, these are typical phishing emails comprising fake messages on the delivery of goods and services, the payment of invoices, etc. that contain links to malicious websites or attached office documents with embedded malicious code.

READ | 3.13 lakh cybersecurity incidents reported in India till October this year