Now that we are a few months into 2018, security analysts are able to look back on 2017 and analyze leading cybersecurity trends. Not surprisingly, according to the Cisco 2018 Annual Cybersecurity Report, there was an elevenfold increase in malware last year.
“Adversaries are becoming more adept at evasion — and weaponizing cloud services and other technology used for legitimate purposes,” the report declares.
The following are some of the major cybersecurity trends of 2017:
Ransomware Families Up 32%, Total Ransomware Threats Down 41%
According to Dark Reading, the growth in ransomware attacks hit a plateau, while the number of ransomware families rose considerably. As cybercriminals become more adept at targeting individuals and organizations, the variety of ransomware attacks is evolving. Not surprisingly, the WannaCry variant dominated the landscape – making up 57% of all ransomware detected last year.
According to Cisco, the malware evolution was swift. In May 2017, WannaCry emerged — “…a ransomware cryptoworm …to propagate, it took advantage of a Microsoft Windows security vulnerability called EternalBlue, which was leaked by the hacker group Shadow Brokers in mid-April 2017….”
Another ransomware example was Nyetya (also known as NotPetya), which surfaced in June 2017. Cisco reports that this wiper malware also masqueraded as ransomware, using the remote code execution vulnerability nicknamed “EternalBlue,” as well as the remote code execution vulnerability.
Increase in Cryptomining Malware
Cryptomining malware – or simply cryptojacking – is a new term that refers to software programs and malware components that are designed to take over a computer’s resources. The cybercriminals covertly infect your computer with software to do the calculations needed to generate cryptocurrency, such as Bitcoin, Monero or Ethereum. The crooks then keep any cryptocoin proceeds for themselves.
Dark Reading reported that almost 90% of the malicious payloads they detected in remote code-execution attacks in December were cryptomining malware. Nowadays, security experts believe cryptomining has become the preferred choice when infecting remote servers. Bitcoin Magazine reports that by tracing the wallets and the mining pools, security analysts were able to view the amount of money made using cryptomining — an estimated $10,000. A report from Imperva notes, “…cryptomining malware allows attackers to use the CPU power of the vulnerable server to mine crypto currencies. In this kind of attack, the attackers eliminate the need to sell their product to a third party and thus achieve a faster return on investment.”
Annual Cybercrime: Nearing $600 Billion
The Center for Strategic and International Studies and McAfee worked together to ascertain how much cybercrime is affecting the global economy. Dark Reading reports that “…online fraud and financial crimes, financial manipulation, opportunity costs, post-breach mitigation, cyber insurance, and reputational damage — the overall estimate adds up to … $600 billion. That’s a $150 billion or 33% increase over 2014.”
Zero-Day Vulnerabilities Up 98%
According to TechTarget, “A zero-day exploit is an attack that exploits a previously unknown security vulnerability.” Despite many organizations beefing up security, zero-day vulnerabilities nearly doubled in 2017 from 2016. According to Trend Micro’s Annual Security Report, “The past year demonstrated how threat actors are constantly on the prowl for weaknesses in systems and devices, as these serve as gateways to potentially lucrative exploits. Cybercriminals actively look for flaws to take advantage of in order to gain access and escalate privileges in systems, as well as to conduct denial-of-service attacks.”
IoT Attacks Are on the Rise
Internet of Things (IoT) devices are vulnerable to botnet attacks. A botnet is a group of computers infected with malware, such as Trojans, that cybercriminals control for nefarious purposes, such as launching distributed denial-of-service (DDoS) attacks. The Fortinet Threat Landscape Report 2017 states, “IoT botnets are on the significant uptick. One example of this is the rise in Reaper, a variant evolved from Mirai that was able to boost its volume over the course of four days last October from 50,000 to 2.7 million nodes.”
According to the Cisco 2018 Annual Cybersecurity Report, organizations with IoT devices probably have many more vulnerable IoT devices in their IT environments that they may be unaware of. “Meanwhile, IoT botnets are expanding …as attackers are taking advantage of the fact that security teams are having difficulty defending …IoT environments.”
It is important to be vigilant in training and educating employees on the proper use of applications and data so that they can help protect the security of their organization. Contact DiamondIT at 877-716-8324 to learn more about security training, assessment and implementation services to build out your lines of defense and prevent cybercrime.