In the first half of 2017, 1.9 billion data records were lost or stolen as a result of cyberattacks. This followed a tough year in 2016, when losses totaled $16 billion and criminals pocketed approximately $1 billion in ransomware payments alone.
Troy Gill, security analyst for AppRiver, the cloud-based cybersecurity and productivity services provider, tells Channel Partners that unpatched systems are still a big problem and are targeted with success. Attacks are far more complex than in the past, have become more customized and have added layers of complexity, he said.
“Malware as a service is on the rise and will result in a much greater threat,” he said. “This is allowing more entrants to the cybercrime arena than ever before. Ransomware is still the most prolific malware, so make sure you are doing all you can to shore up defensive strategy. This includes prevention at all levels and recovery plans for incidents. Could data breaches get any worse? This should be a wake-up call to businesses that they need to assume they will be breached at some point. They need to ensure that all sensitive data at rest [are] being stored with strong encryption, as well as data in transit.”
More than 14.5 billion emails laced with malware were sent in 2017, according to the report. AppRiver also observed a 1,000 percent increase in phishing efforts — and much of this effort was part of multi-phased attacks where perpetrators use phishing campaigns tailored to gather user email login credentials, and then hijack ongoing email conversations by sending a malware attachment in a reply to an ongoing email conversation.
The majority of cyber threats were initiated in the United States and persisted throughout the year, with significant peaks in August, September and October, according to AppRiver.
Last year showed a significantly lower barrier of entry into cybercrime, with user profile names and credit card numbers readily available on the dark web and distribution of 20,000 messages for just $40. Some common attack types included: Distributed Spam Distraction (DSD), which fills inboxes with nonsense emails, simultaneously disguising a cybercriminal’s purchase or wire fraud activity and distracting users from seeing legitimate email; and the Adwind Remote Access Trojan (RAT), which provides hackers with remote control of malicious programs across Windows, Linux, Mac and Android devices, and was often introduced to users in the form of fake payment confirmation emails.
Many new strains of ransomware arrived in 2017, including Cerber, Jaff, Nemucod, Spora and Petya/NotPetya. WannaCry infected hundreds of thousands of computers globally, demanding a $300 bitcoin ransom, while Locky arrived at the rate of 4 million messages per hour.
Dynamic Data Exchange (DDE) protocol attacks produced emails spoofing the Security and Exchange Commission’s online public database, gaining further traction when the largest botnet (Necurs) began to distribute malicious DDE documents. During October of last year alone, AppRiver filters captured nearly …