The Malwarebytes’ Cybercrime Tactics and Techniques Q3 2018 report that was released last week brought out some interesting trends in malware attacks. Businesses saw far more attacks this quarter than consumers—their total detections trended upwards by 55 percent, while consumer detections increased only by 4 percent quarter over quarter.
Banking Trojans and ransomware, traditionally aimed at both businesses and consumers, leaned much harder into their business targets. Even malware that has generally preferred consumers, such as crypto miners and adware, seems to have graduated to a more professional target.
Here are some quick highlights:
The report shows an 88 percent increase in ransomware detections aimed at businesses, the majority of which involved GandCrab. As consumer-facing ransomware attacks decline, it is becoming apparent that cybercriminals are now after more lucrative targets.
Banking Trojans were the number one detection for both businesses and consumers. This year has seen a continual uptick in banking Trojan activity, with several new variants as well as various evolutions of other well-known strains. The big push this quarter came from information-stealing malware like Emotet and LokiBot.
Malicious crypto mining decreased by 26 percent for businesses from Q2 2018. It was also interesting to note that 65 percent of the total crypto mining malware detections occurred in the APAC region in Q3.
Adware decreased by 19 percent for consumers but increased by 15 percent for businesses in Q3. As many as 20 million devices were potentially compromised by rogue apps posing as genuine ad blocker extensions this quarter. Using names such as uBlock Plus, Adblock Pro, HD for YouTube, and Webutation, the fake extensions dropped users into a botnet.
Trends show that cybercriminals are beginning to target businesses that have a robust security infrastructure. They are also likely to do so successfully, as many enterprises still run endpoints like ATMs, ticket vending machines, and POS terminals on legacy systems that either have no OEM support or are unpatched.
To protect their networks from sophisticated threats, businesses need to rethink their security strategy. Though they cannot control the number of attacks, businesses can significantly reduce the attack surface by implementing a zero trust security architecture using micro-segmentation and process-level visibility and control at the critical endpoints.
ColorTokens software-defined security solutions can help businesses create zero-trust networks to efficiently secure dynamic application environments in minutes.
Get in touch with us for a live demo.