Ransomware and malware attacks decline, attackers adopting covert tactics
There has been a major decline in ransomware and malware attacks, with Ireland having some of the lowest rates globally, according to the latest report released by Microsoft.
This is a significant change from 2017, following a prolific series of attacks that targeted supply chains globally.
Initial predictions were that these would increase. However, improvements in cybersecurity measures and detection have impacted the success rates of these attacks. In fact, there has been a 60% drop in ransomware attacks globally between March and December 2018.
Malware attacks also saw a large drop globally over 2018, with Ireland reporting the lowest monthly malware encounter rate of 1.26%.
Hackers pivot to phishing and cryptocurrency mining
The Security Intelligence Report also reveals that hackers have pivoted to more covert means, with an increased focus on exploiting users through social engineering methods like phishing to gain access and exploit data. Phishing rates have increased, with cybercriminals also covertly using victims’ compromised computers for cryptocurrency mining.
While cryptocurrency mining is not a new phenomenon, there has been an increase in its prevalence globally over the last year. In 2018, the average worldwide monthly cryptocurrency coin mining encounter rate was 0.12%, compared to just 0.05% for ransomware.
Many factors contribute to the increased popularity of mining as a payload for malware. Unlike ransomware, cryptocurrency mining does not require user input. It works in the background while the user is performing other tasks or is away from the computer, and may not be noticed at all unless it degrades the computer’s performance sufficiently.
Another driver is the availability of ‘off the shelf’ products for covert mining of many cryptocurrencies, which cybercriminals repackage as malware to deliver to unsuspecting users’ computers.
The weaponized miners are then distributed to victims using many of the same techniques that attackers use to deliver other threats, such as social engineering exploits and drive-by downloads.
After the mining software is installed, it runs in the background on victims’ computers to perform the blockchain computations, with the attacker reaping the rewards, which grow in value as the price of the cryptocurrency increases. Ireland again saw some of the lowest encounter rates of cryptocurrency mining at 0.02%.
Phishing – whether through email, malvertising, or any other channel – exploits users who pay little attention to details and are likely to click on an email link or an ad, and enter sensitive information when prompted, compromising their security.
The report by Microsoft noted that by adopting both public cloud tools and hosted servers, the attackers have been able to disguise themselves more easily so that they give the impression of legitimate products or services.
“While we have seen a welcome drop in ransomware and malware attacks, it would be a mistake to assume the level of cyber threat to Irish organizations has also decreased,” said Des Ryan, Solutions Director, Microsoft Ireland.
“We are seeing major behavioral change amongst criminal hackers, who want access to a victim’s computer and an organization’s network to access data, but also use their computing power to mine for cryptocurrency. This is about playing the long game and exploiting people’s lack of training and understanding when it comes to cybercrime. Microsoft’s analysts predict phishing will continue to be an issue for the foreseeable future for that reason.”
Poor Irish employee security habits could see potential increases in phishing attacks
Recent research from Microsoft on private and public sector organizations in Ireland showed that 54% of respondents within large organizations reported receiving cyber security training once a year. Only 16% of employees have updated their passwords in the last 12 months in line with their organization’s policies.
Passwords have become too easy to guess or steal. Nearly a quarter (22%) of employees in Ireland write down their passwords. 77% of employees rely on their memory for their work and personal passwords. When it came to their password hygiene, two in five recycle their work passwords, and 44% recycle their personal passwords.
Over the course of a year, only half of those surveyed change their passwords quarterly, with the same number claiming to only update their passwords once a year or less. The research discovered that employees working from home are much more likely to engage in risky security activities that increase the potential for data loss.
Nearly half (49%) of those working from home at least once a week used their personal email account for saving, editing, sending, or sharing work-related documents. 24% revealed that they have accidentally shared work-related material with friends and family. The research found that one in three are allowed by their company to use their personal device for work purposes.