- PandaLabs detected 18m new malware samples in Q2, neutralising around 200 000 threats daily.
- Ransomware attacks and credential theft are tactics most-used by cyber-criminals.
- Problem areas identified by PandaLabs include PoS software, bank attacks, IoT and mobile devices.
In Q2 of 2016 Ransomware attacks continue to rise, with over 18 million new malware samples discovered in the quarter. Trojans continue to dominate as the main delivery method of malware. The development and deployment of Ransomware has become a lucrative business and is costing organisations across the globe billions each year.
Ransomware and Information Theft
Cybercrime is most often financially motivated, using Ransomware to extract money out of organisations across all industries. Hackers tend to target organisations such as hospitals and financial service providers, as these organisations keep highly sensitive client information that can be sold at a high price on the black market.
Examples of such cyber-attacks in Q2 include print publications, internet dating websites and technology giants. For pornographic print publication company Team Skeet, the data breach meant that the names, physical addresses of their over 237 000 subscribers were stolen. Such information could fetch over R 5 500 per individual, on the black market.
Similarly, both beautifulpeople.com and Acer had client details stolen by cyber-criminals, leaving their respective 1.1 million and 34 500 users exposed.
A key takeaway in reviewing these attacks is that payment of the ransom, which is often millions of dollars, does not guarantee the safe return of the breached data.
A Rise in Attacks against PoS Terminals and Financial Entities
POS attacks have increased and become more widespread due to the high price that credit card details collected from these devices fetch on the black market. POS Malware sample PunkeyPOS was presented in Q2, infecting over 200 POS terminals in restaurants across the US alone, as well as infecting numerous terminals internationally. Constantly in search of a bigger prize, Hackers have now taken to directly targeting banks, successfully transferring funds from the Banks using specially developed malware.
The Central Bank of Bangladesh became the first victim of such cyber-attack when hackers managed to successfully transfer 81 million dollars from the bank. Subsequently, banks in both Vietnam and Ecuador have been targeted in similar attacks.
Security Breaches in Mobile Devices and the IoT
Despite increased security measures Android operated mobile devices have been heavily hit by malware this quarter, making them a dangerous ecosystem for users. In Q2, the Internet of Things has continued to be a hot topic for numerous reasons. Connected devices now include Fridges, TVs and Cars, and with the increasing number of connected devices comes the increased risk of cyber-attacks.
In a document produced by Gartner, it is predicted that 25% of the attacks suffered by businesses will involve IoT devices by 2020.
Furthermore, it is expected that in 2016, 6.4 billion of these devices will be connected to the net (30% more than 2015), and by 2018 they calculate that the number of these devices will be over 11.4 billion.
The Advancing Cyberwar
Cyber-attacks do not only originate from private entities, in recent months it appears that cyber-attacks are the latest weapon governments are using to target their adversaries. Although it is rare to find conclusive evidence that confirms the source of these attacks in some cases evidence has come to light. In Q2, the United States went on the offensive and acknowledged that they are launching cyber-attacks against ISIS.
Additionally, South Korea’s police department publicised knowledge of an attack from North Korea. This attack began over a year ago and focused on 140,000 computers belonging to government agencies and defence contractors. The attack was not discovered until February 2016.
For a more in-depth analysis of the Q2 threat landscape find the full report here.