Ransomware Remains Weapon Of Choice For Hackers

Spyware to the left, ransomware to the right…new Malwarebytes report paints grim picture of growing cyber threats

Malwarebytes has published its second annual ‘Cybercrime Tactics and Techniques: 2017 State of Malware’ report, and it makes for grim reading for IT professionals.

Like the first report released in August 2016 which found that nearly 40 percent of enterprises around the world had been hit by ransomware in 2015/2016, the second such report also makes for shocking reading.

Among the depressing findings are that Malwarebytes found a 882 percent increase in spyware growth detections in the UK – higher than any other region. And it also witnessed a 165 percent increase in ransomware in the UK, a pace almost double that of the US thanks to the WannaCry outbreak in May 2017.

Ransomware Scourge

However, that should be tempered with some slightly good news after Malwarebytes found that towards the end of the year the scale of ransomware attacks declined.

This, according to the security firm, signifies that cybercriminals are moving away from this common attack methodology.

But there is no disguising the fact that overall the report shows sharp increases in malware-based cybercrime, including ransomware, banking trojans, spyware, adware and cryptocurrency mining.

Malwarebytes said that the key findings are that ransomware remains the tool of choice for cybercriminals in 2017. Ransomware attacks against consumers increased 93 percent in 2017, whereas ransomware attacks against businesses had increased 90 percent in 2017.

“The monthly rate of ransomware attacks increased up to 10 times the rate of 2016, with September 2017 having the largest volume of ransomware attacks against businesses ever documented,” the firm said.

The UK experienced its worst month in May 2017, when overall ransomware attacks increased at an unprecedented pace and businesses / consumers are more likely to encounter ransomware as a percentage of attacks than the US.

And Malwarebytes’ telemetry found that between July and September 2017, there was a 700 percent increase in ransomware with two families (GlobeImposter and WannaCry) making up most of that statistic.

However that was a drop in ransomware detections towards the end of 2017, as cybercriminals changed tactic of instead of blackmailing people and businesses for ransoms, they opted to steal outright.

Other Threats

Malwarebytes also found that hijackers, adware and riskware tools were the top three detections against businesses (in order).

There was also an average of 102 percent increase in banking Trojan detections in the second half of the year.

Hijackers rose nearly 40 percent year over year, moving this threat to the most common threat detected against businesses in 2017, said the firm.

There has also been an increase in the malicious use of crypto-miners, as criminals have started utilising cryptomining tools for their own profit, using victim’s personal computers in the process.

Malwarebytes said that it had blocked an average of 8 million drive-by mining attempts per day in September alone.

Meanwhile there has been a decrease in the number of adware makers, but the volume of adware increased 132 percent year-over-year, making up 40 percent of consumer threat detections (up from less than 20 percent in 2016).

Adware is Malwarebytes second-most detected threat, despite fewer adware families in the mix. And consumer threats are on the rise, as the overall threat volume against consumers rose 12 percent in 2017.

“The last year has certainly thrown us a few curveballs, with massive ransomware attacks, changes in malware distribution and the significant increase in cryptocurrency miners,” said Marcin Kleczynski, Malwarebytes CEO. “With 2018 just getting started, these findings can help pave the way for increased awareness, C-level participation, and enhanced technologies to better protect both consumers and businesses.”

Do you know all about security in 2017? Try our quiz!