Cyber criminals are rapidly adding cryptojacking to their arsenal and creating a highly profitable new revenue stream, as the ransomware market becomes overpriced and overcrowded, according to Symantec’s (Nasdaq: SYMC) Internet Security Threat Report (ISTR), Volume 23, released today.

 

“Cryptojacking is a rising threat to cyber and personal security,” said David Rajoo, Director, Systems Engineering, Malaysia, Indonesia & Philippines, Symantec “The massive profit incentive puts people, devices and organizations at risk of unauthorized coin miners siphoning resources from their systems, further motivating criminals to infiltrate everything from home PCs to giant data centers.”

 

Symantec’s ISTR provides a comprehensive view of the threat landscape, including insights into global threat activity, cyber criminal trends and motivations for attackers. The report analyzes data from the Symantec Global Intelligence Network™, the largest civilian threat collection network in the world, records events from 126.5 million attack sensors worldwide, and monitors threat activities in over 157 countries and territories. Key highlights include:

 

Cryptojacking Attacks Explode by 8,500 Percent
During the past year, an astronomical rise in cryptocurrency values triggered a cryptojacking gold rush with cyber criminals attempting to cash in on a volatile market. Detections of coinminers on endpoint computers increased by 8,500 percent in 2017. Philippines ranks 11th in the Asia-Pacific Japan (APJ) region, 35th globally in terms of crypto mining activities.

 

With a low barrier of entry – only requiring a couple lines of code to operate – cyber criminals are harnessing stolen processing power and cloud CPU usage from consumers and enterprises to mine cryptocurrency. Coinminers can slow devices, overheat batteries, and in some cases, render devices unusable. For enterprise organizations, coinminers can put corporate networks at risk of shutdown and inflate cloud CPU usage, adding cost.

 

“Now you could be fighting for resources on your phone, computer or IoT device as attacks use them for profit,” said Rajoo. “People need to expand their defenses or they will pay for the price for someone else using their device.”

 

IoT devices continue to be ripe targets for exploitation. Symantec found a 600 percent increase in overall IoT attacks in 2017, which means that cyber criminals could exploit the connected nature of these devices to mine en masse. Macs are not immune either with Symantec detecting an 80

 

percent increase in coin mining attacks against Mac OS. By leveraging browser-based attacks, criminals do not need to download malware to a victim’s Mac or PC to carry out cyber attacks.

 

Majority of Targeted Attackers Use Single Method to Infect Victims
The number of targeted attack groups is on the rise with Symantec now tracking 140 organized groups. Last year, 71 percent of all targeted attacks started with spear phishing – the oldest trick in the book – to infect their victims. As targeted attack groups continue to leverage tried and true tactics to infiltrate organizations, the use of zero-day threats is falling out of favor. Only 27 percent of targeted attack groups have been known to use zero-day vulnerabilities at any point in the past.

 

The security industry has long discussed what type of destruction might be possible with cyber attacks. This conversation has now moved beyond the theoretical, with one in ten targeted attack groups using malware designed to disrupt.

 

Implanted Malware Grows by 200 Percent, Compromising Software Supply Chain
Symantec identified a 200 percent increase in attackers injecting malware implants into the software supply chain in 2017. That’s equivalent to one attack every month as compared to four attacks the previous year. Hijacking software updates provides attackers with an entry point for compromising well-guarded networks. The Petya outbreak was the most notable example of a supply chain attack. After using Ukrainian accounting software as the point of entry, Petya used a variety of methods to spread laterally across corporate networks to deploy their malicious payload.

 

Mobile Malware Continues to Surge
Threats in the mobile space continue to grow year-over-year, including the number of new mobile malware variants which increased by 54 percent. Symantec blocked an average of 24,000 malicious mobile applications each day last year. As older operating systems continue to be in use, this problem is exacerbated. For example, with the Android operating system, only 20 percent of devices are running the newest version and only 2.3 percent are on the latest minor release.

 

Mobile users also face privacy risks from grayware apps that aren’t completely malicious but can be troublesome. Symantec found that 63 percent of grayware apps leak the device’s phone number. With grayware increasing by 20 percent in 2017, this isn’t a problem that’s going away.

 

Business-Savvy Cyber Criminals Price Ransomware for Profit
In 2016, the profitability of ransomware led to a crowded market. In 2017, the market made a correction, lowering the average ransom cost to $522 and signaling that ransomware has become a commodity. Many cyber criminals may have shifted their focus to coin mining as an alternative to cashing in while cryptocurrency values are high. Additionally, while the number of ransomware families decreased, the number of ransomware variants increased by 46 percent, indicating that criminal groups are innovating less but are still very productive. In 2017, Philippines ranks 20th in terms of ransomware threats globally, as compared to 25th in 2016.

 

From the Experts: Security Best Practices
As attackers evolve, there are many steps businesses can take to protect themselves. As a starting point, Symantec recommends the following best practices.

 

FroFor businesses:

  • Don’t get caught flat-footed: Use advanced threat intelligence solutions to help you find indicators of compromise and respond faster to incidents.
  • Prepare for the worst: Incident management ensures your security framework is optimized, measurable and repeatable, and that lessons learned improve your security posture. Consider adding a retainer with a third-party expert to help manage crises.
  • Implement a multi-layered defense: Implement a multi-layered defense strategy that addresses attack vectors at the gateway, mail server and endpoint. This also should include two-factor authentication, intrusion detection or protection systems (IPS), website vulnerability malware protection, and web security gateway solutions throughout the network.
  • Provide ongoing training about malicious email: Educate employees on the dangers posed by spear-phishing emails and other malicious email attacks, including where to internally report such attempts.
  • Monitor your resources: Make sure to monitor your resources and networks for abnormal and suspicious behavior and correlate it with threat intelligence from experts.

 

For consumers:

  • Change the default passwords on your devices and services: Use strong and unique passwords for computers, IoT devices and Wi-Fi networks. Don’t use common or easily guessable passwords such as “123456” or “password”.
  • Keep your operating system and software up to date: Software updates will frequently include patches for newly discovered security vulnerabilities that could be exploited by attackers.
  • Be extra careful on email: Email is one of the top infection methods. Delete any suspicious-looking email you receive, especially if they contain links and/or attachments. Be extremely wary of any Microsoft Office email attachment that advises you to enable macros to view its content.
  • Back up your files: Backing up your data is the single most effective way of combating a ransomware infection. Attackers can have leverage over their victims by encrypting their files and leaving them inaccessible. If you have backup copies, you can restore your files once the infection has been cleaned up.

RECOMMENDED ARTICLE FOR TECHWORLD


 
Be Original, Buy Original
Techworld Date Posted: 12 July 2018 2:04 PM | 271 Views
In line with efforts to bring Nokia fans only the best mobile experience, HMD Global, the home of Nokia phones, warns consumers about counterfeit Nokia phones being sold in physical stores and online shops.. See More
 
Be Original, Buy Original
Techworld Date Posted: 2:04 PM | 271 Views
In line with efforts to bring Nokia fans only the best mobile experience, HMD Global, the home of Nokia phones, warns consumers about counterfeit Nokia phones being sold in physical stores and online shops.See More

 
Sprout Solutions Supports Local Startup Community in PH through a Series of Free Learning Sessions
Techworld Date Posted: 16 December 2017 5:16 PM | 389 Views
Sprout Solutions, the fastest-growing Filipino tech startup providing a complete suite of HR software tools specifically made for the Philippine business environment, gives back by supporting the country’s startup community through its series of.... See More
 
Sprout Solutions Supports Local Startup Community in PH through a Series of Free Learning Sessions
Techworld Date Posted: 5:16 PM | 389 Views
Sprout Solutions, the fastest-growing Filipino tech startup providing a complete suite of HR software tools specifically made for the Philippine business environment, gives back by supporting the country’s startup community through its series of...See More

 
What’s your treasured Nokia moment?
Techworld Date Posted: 22 December 2017 3:03 PM | 301 Views
Admit it, before all the fuss about touchscreens and sleek metal frames and glass back, the rave was all about the sturdiest body, intuitive interface, and interchangeable covers and keypads. See More
 
What’s your treasured Nokia moment?
Techworld Date Posted: 3:03 PM | 301 Views
Admit it, before all the fuss about touchscreens and sleek metal frames and glass back, the rave was all about the sturdiest body, intuitive interface, and interchangeable covers and keypadsSee More

 
Five Ways to Make the Most Out of Your PLDT Home Prepaid Wi-Fi
Techworld Date Posted: 11 September 2018 10:59 AM | 234 Views
PLDT Home Prepaid Wi-Fi, the first prepaid service of the country’s No.1 broadband, is here and it is allowing more Filipino families to finally get their own high-speed Internet connection and enjoy their favorite.... See More
 
Five Ways to Make the Most Out of Your PLDT Home Prepaid Wi-Fi
Techworld Date Posted: 10:59 AM | 234 Views
PLDT Home Prepaid Wi-Fi, the first prepaid service of the country’s No.1 broadband, is here and it is allowing more Filipino families to finally get their own high-speed Internet connection and enjoy their favorite...See More

 
MSI Announces Clearance Sale Exclusive to PC Express Gilmore
Techworld Date Posted: 7 September 2017 3:26 PM | 399 Views
Big Savings with MSI Clearance Sale exclusive at PC Express Gilmore Branch located at UNIT 2A 2ND FLOOR, 25 Gilmore Ave, New Manila, Quezon City, Metro Manila. Save as much as P55,000 on selected.... See More
 
MSI Announces Clearance Sale Exclusive to PC Express Gilmore
Techworld Date Posted: 3:26 PM | 399 Views
Big Savings with MSI Clearance Sale exclusive at PC Express Gilmore Branch located at UNIT 2A 2ND FLOOR, 25 Gilmore Ave, New Manila, Quezon City, Metro Manila. Save as much as P55,000 on selected...See More

 
Lenovo Bolsters Its Legion Line-Up, Launches New Gaming PCs at Gamescom 2017
Techworld Date Posted: 29 August 2017 3:53 PM | 331 Views
At gamescom2017 in Cologne, Germany, leading global technology brand Lenovo launched four new powerful additions to its Legion gaming lineup family - three VR-ready Windows 10 PCs Lenovo Legion Y920, Y720 and Y520 Towers,.... See More
 
Lenovo Bolsters Its Legion Line-Up, Launches New Gaming PCs at Gamescom 2017
Techworld Date Posted: 3:53 PM | 331 Views
At gamescom2017 in Cologne, Germany, leading global technology brand Lenovo launched four new powerful additions to its Legion gaming lineup family - three VR-ready Windows 10 PCs Lenovo Legion Y920, Y720 and Y520 Towers,...See More

 
OPPO to Launch Power-Packed F9 in the Philippines
Techworld Date Posted: 9 August 2018 4:41 PM | 299 Views
OPPO announced its latest model F9, which is set to launch in the country on August 15. OPPO F9 is the brand-new breakthrough F series smartphone that will ship with VOOC Flash charge, gradient.... See More
 
OPPO to Launch Power-Packed F9 in the Philippines
Techworld Date Posted: 4:41 PM | 299 Views
OPPO announced its latest model F9, which is set to launch in the country on August 15. OPPO F9 is the brand-new breakthrough F series smartphone that will ship with VOOC Flash charge, gradient...See More

 
SAP Calls for Public and Private Sector Organisations in the Philippines to Harness the Power of Data
Techworld Date Posted: 23 August 2017 1:34 PM | 328 Views
On photo: Ryan Poggi, Managing Director, SAP Philippines and Kathleen Muller, Head of Analytics and Insight, SAP Southeast Asia SAP SE (NYSE: SAP) said today it has harnessed its digital core, bold technologies of the.... See More
 
SAP Calls for Public and Private Sector Organisations in the Philippines to Harness the Power of Data
Techworld Date Posted: 1:34 PM | 328 Views
On photo: Ryan Poggi, Managing Director, SAP Philippines and Kathleen Muller, Head of Analytics and Insight, SAP Southeast Asia SAP SE (NYSE: SAP) said today it has harnessed its digital core, bold technologies of the...See More

 
Are Data Breaches Stressing You Out?
Techworld Date Posted: 12 July 2018 1:11 PM | 407 Views
Common wisdom holds that the most stressful things a person might face in life are moving house, getting fired, or going through a divorce. In the grand scheme of things, stress caused by data.... See More
 
Are Data Breaches Stressing You Out?
Techworld Date Posted: 1:11 PM | 407 Views
Common wisdom holds that the most stressful things a person might face in life are moving house, getting fired, or going through a divorce. In the grand scheme of things, stress caused by data...See More

 
Lenovo Addresses Shifting Workspace Needs
Techworld Date Posted: 23 March 2018 1:11 PM | 424 Views
Lenovo (HKSE: 992) (ADR: LNVGY), the world’s leading PC manufacturer, launched its 8th-generation Lenovo ThinkPads and ThinkStations–specifically designed to provide enhanced agility and performance to support the ever-evolving workspace spurred by millennial workers.. See More
 
Lenovo Addresses Shifting Workspace Needs
Techworld Date Posted: 1:11 PM | 424 Views
Lenovo (HKSE: 992) (ADR: LNVGY), the world’s leading PC manufacturer, launched its 8th-generation Lenovo ThinkPads and ThinkStations–specifically designed to provide enhanced agility and performance to support the ever-evolving workspace spurred by millennial workers.See More


Power by

Download Free AZ | Free Wordpress Themes