CyberCrimeSecurity

McAfee Report Highlights Rise In Cyber Threats And Evasion Techniques

Sam Pudwell joined Silicon UK as a reporter in December 2016. As well as being the resident Cloud aficionado, he covers areas such as cyber security, government IT and sports technology, with the aim of going to as many events as possible.

It should come as no surprise, but cyber threats are continuing to rise

McAfee Labs has released its June threat report, revealing that there were 244 new threats every minute – more than four every second – during Q1 2017.

There were 301 publicly disclosed security incidents in Q1, a 53 percent increase from the previous quarter, with healthcare, education and the public sector accounting for more than half of the total.

The total number of malware samples has also increased, rising 22 percent in the last four quarters to 670 million known samples.

cyber crime

All rise

Other stats from the threat report serve to paint a picture of the rapidly developing cyber threat landscape which is leaving businesses in all industries constantly at risk from cyber criminals.

Ransomware has continued to be one of the big talking points following the WannaCry epidemic and the total number of ransomware samples has grown 59 percent in the past four quarters to 9.6 million known samples.

Mobile malware has enjoyed even bigger growth, increasing by 79 percent over the same period to 16.7 million samples.

Whilst the majority of this malware is targeting PCs, the number of Mac OS malware samples grew 53 percent in Q1 2017, suggesting that cyber criminals are taking a greater interest in the Apple platform.

Cyber evasion

The report also investigates the evasion techniques that have been employed by cyber criminals to avoid detection and analysis

They are broadly classified into three categories: Anti-security techniques, used to avoid detection by tools such as firewalls and anti-malware engines; Anti-sandbox techniques, used to detect automatic analysis and avoid engines that report on malware behaviour malware and anti-analyst techniques, used to detect and fool malware analysts by spotting monitoring tools.

By making use of these techniques, hackers could be able to not only avoid initial detection, but also stay hidden on a network for long periods of time. Among other things, this would enable cyber espionage to take place, something which has grown in prevalence in recent times.

“There are hundreds, if not thousands, of anti-security, anti-sandbox, and anti-analyst evasion techniques employed by hackers and malware authors, and many of them can be purchased off the shelf from the Dark Web,” said Vincent Weafer, vice president of McAfee Labs.

“This quarter’s report reminds us that evasion has evolved from trying to hide simple threats executing on a single box, to the hiding of complex threats targeting enterprise environments over an extended period of time, to entirely new paradigms, such as evasion techniques designed for machine learning based protection.”

Are you a security pro? Try our quiz!