cyber trends
have become democratised, with
advanced attack methods now available
to anyone willing to pay for them, as part
of the growing ‘malware-as-a-service’
industry. Highlights include:
• Cryptominers digging undetected
on networks: Cryptominers infected
10x more organisations than
ransomware in 2018 but only one in
five IT security professionals were
aware their company’s networks had
been infected by mining malware. A
total of 37% of organisations globally
were hit by cryptominers in 2018 and
20% of companies continue to be
hit every week despite an 80% fall in
cryptocurrency values.
• Threat risk of cryptominers
underrated by organisations: When
asked what they rated as the biggest
threats to their organisation, just 16%
stated cryptomining, compared with
DDoS attacks (34%), data breaches
(53%), ransomware (54%) and
phishing (66%). This is concerning
as cryptominers can easily act as
stealth backdoors to download and
launch other types of malware.
• Malware-as-a-service rises: The
GandCrab Ransomware-as-a-
www.intelligentciso.com
|
Issue 11
Service affiliate program shows
how amateurs can now profit from
the ransomware extortion business
as well. Users keep up to 60% of
the ransoms collected from victims,
and its developers keep up to 40%.
GandCrab has over 80 active affiliates
and within two months in 2018 had
infected over 50,000 victims and
claimed between US$300,000 and
US$600,000 in ransoms.
“The second instalment of our
2019 Security Report shows how
cybercriminals are successfully
exploring stealthy new
approaches and business
models, such as malware
affiliate programs, to
maximise their illegal
revenues while reducing
their risk of detection,”
Alexander added.
“But out-of-sight shouldn’t mean
out-of-mind: even though cyberattacks
during 2018 have been lower-profile,
they are still damaging and dangerous.
“By reviewing and highlighting
these developments in the report,
organisations can get a better
understanding of the threats they face
and how they prevent them impacting on
their business.”
Peter Alexander, Chief Marketing Officer of
Check Point Software Technologies
Check Point’s 2019 Security Report
is based on data from Check Point’s
ThreatCloud intelligence, one of the
largest collaborative networks for
fighting cybercrime which delivers threat
data and attack trends from a global
network of threat sensors; from Check
Point’s research investigations over the
last 12 months. u
21