Ransomware Detections Up 90% for Businesses in 2017

  /     /     /  
Publicated : 22/11/2024   Category : security


Ransomware Detections Up 90% for Businesses in 2017


Last year, cybercriminals shifted from consumer to enterprise targets and leveraged ransomware as their weapon of choice.



Ransomware became the fifth-most-common threat for businesses in 2017 as detections increased by 90% from the previous year. Attacks also hit consumers hard, reaching a 93% detection rate year-over-year, reports Malwarebytes.
The company today released its 2017 State of Malware Report, which highlights trends based on telemetry data collected from products between January and November 2016, and January and November 2017. Analysts also pulled data from the companys threat-facing honeypots in 2017 and combined this with their own observations and analysis.
2016 was the year of ransomware for consumers, says Malwarebytes CEO Marcin Kleczynski in an interview with Dark Reading. 2017 was the year of ransomware for businesses.
Malwarebytes findings support a growing body of research highlighting the 2017 ransomware spike. The Online Trust Alliance (OTA)
states
attacks targeting businesses nearly doubled from 82,000 in 2016 to 159,000 last year. Ransomware attacks hit 134,000 in 2017 — double the 2016 count — and were the primary driver for the overall growth in cybercrime.
In its 2017 Global Threat Intelligence Report, NTT Security
found
77% of all detected ransomware was in four industries: business and professional services (28%), government (19%), healthcare (15%), and retail (15%). Ransomware-related incidents were the most common, at 22%, and made up half of all attacks targeting the healthcare industry.
Malwarebytes researchers also noticed criminals got creative with delivery methods. Leaked government exploits — such as EternalBlue, used in WannaCry — in addition to compromised update processes and increased geo-targeting were used to evade detection.
Development of exploit kits hit a standstill last year. Analysts didnt detect any new zero-day exploits used by any exploit kits in the wild. Its a significant change from previous years, in which exploits were the primary method of infection. Cybercriminals are instead focusing on evading detection and integrating multiple exploits into Microsoft Office documents.
Attackers started leveraging cryptocurrency mining for financial gain and using victims system resources to mine currencies. Tactics include compromised websites serving up drive-by mining code, miners delivered via malicious spam and exploit kit drops, and adware bundlers pushing miners.
Looking Ahead
Ransomware may have been hot in 2017, but, as all trends do, it has started to fade as businesses have smartened up and learned how to protect themselves. Youre seeing less and less returns, as a criminal, says Kleczynski of the ransomware slowdown. Its now hard to find and infect a company that really gets impacted by ransomware like the [the UKs National Health Service] did.
Cybercriminals are pivoting toward banking Trojans, spyware, and hijackers to attack enterprise targets and spy, move throughout their networks, and steal data, including login credentials, contact lists, and credit card data. Banking Trojans were up 102% in the second half of 2017.
The strategy of cybercriminals continues to shift, notes Kleczynski, adding that hijackers were up 40% overall last year. Spyware detections increased 30%, researchers found.
Looking toward the year ahead, he anticipates the largest incident in 2018 will be on the same level as the Mirai botnet that brought down major websites in October 2016. Mirai was scratching the surface on the number of unprotected IoT devices, he says.
The biggest threat this year, in my opinion, is another Mirai-like attack, Kleczynski continues. Well see several this year that will take down major websites.
Related Content:
Meltdown & Spectre: Computings Unsafe at Any Speed Problem
Ransomware Actors Cut Loose on Health Care Organizations
Security Automation: Time to Start Thinking More Strategically
10 Costs Your Cyber Insurance Policy May Not Cover

Last News

▸ Criminal Possession of Government-Grade Stealth Malware ◂
Discovered: 23/12/2024
Category: security

▸ Senate wants changes to cybercrime law. ◂
Discovered: 23/12/2024
Category: security

▸ Car Sector Speeds Up In Security. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Ransomware Detections Up 90% for Businesses in 2017