INDUSTRY WATCH
“WE NOW LIVE IN A WORLD
IN WHICH THE MOTIVE
BEHIND RANSOMWARE
INCLUDES MORE THAN
SIMPLY MAKING MONEY.”
Intelligence network registered notable
trends in cyber threat growth and
cyberattack incidents across industries:
• Security incidents. McAfee Labs
counted 311 publicly disclosed
security incidents in Q2, an increase
of 3% over Q1. 78% of all publicly
disclosed security incidents in Q2
took place in the Americas.
• Vertical industry targets. The
health, public and education sectors
comprised more than 50% of total
incidents in 2016-2017 worldwide.
• Attack vectors. Account hijacking led
disclosed attack vectors, followed
by DDoS, leaks, targeted attacks,
malware, and SQL injections.
• Malware overall. New malware
samples leaped up in Q2 to 52 million,
a 67% increase. This Q2 rise in new
malware is in part due to a significant
increase in malware installers and the
Faceliker Trojan. The latter accounted
for as much as 8.9% of all new
malware samples. The total number
of malware samples grew 23% in
the past four quarters to almost 723
million samples.
• Ransomware. New ransomware
samples again increased sharply in
Q2, by 54%. The number of total
ransomware samples grew 47%
in the past four quarters to 10.7
million samples.
• Mobile malware. Total mobile
malware grew 61% in the past four
quarters to 18.4 million samples.
Global infections of mobile devices
rose by 8% in Q2, with Asia again
leading the regions with 18%.
• Mac malware. With the decline of a
glut of adware, Mac OS malware has
76
INTELLIGENTCIO
returned to historical levels, growing
by only 27,000 in Q2. Still small
compared with Windows threats, the
total number of Mac OS malware
samples increased by just 4% in Q2.
• Macro malware. New macro
malware rose by 35% in Q2. 91,000
new samples raised the total overall
sample count to 1.1 million.
• Spam campaigns. The botnet Gamut
again claims the top rank in volume
during Q2, continuing its trend of
spamming job-related junk and
phony pharmaceuticals. The Necurs
botnet was the most disruptive,
pushing multiple pump-and-dump
stock scams during the quarter.
Upon Further Review: WannaCry
and NotPetya
McAfee’s analysis of the WannaCry
and NotPetya attacks builds on the
organisation’s previous research
by providing more insight into how
the attacker creatively combined
a set of relatively simple tactics,
melding a vulnerability exploit, proven
ransomware, and familiar worm
propagation. McAfee notes that
both attack campaigns lacked the
payment and decryption capabilities to
successfully extort victims’ ransoms and
unlock their systems.
“It has been claimed that these
ransomware campaigns were
unsuccessful due to the amount of
money made,” said Raj Samani, Chief
Scientist for McAfee. “However, it is
just as likely that the motivation of
WannaCry and NotPetya was not to
make money but something else. If
McAfee Q3 2017 Threats
Report Infographic
www.intelligentcio.com