In the second half of 2016, ransomware attacks doubled, with the percentage increasing from 5.5% to 10.5% between July and December 2016, according to cyber security firm Check Point’s H2 2016 Global Threat Intelligence Trends report.
The H2 2016 Global Threat Intelligence Trends Report highlights the key tactics cyber-criminals are using to attack businesses, and gives a detailed overview of the cyber-threat landscape in the top malware categories – ransomware, banking and mobile. It is based on threat intelligence data drawn from Check Point’s ThreatCloud World Cyber Threat Map between July and December 2016.
“The core issue with ransomware is the general lack of strong pro-active security practices. The ability of hackers to receive payments via Bitcoin has greatly improved ransomware’s effectiveness. To effectively deal with zero-day ransomware, a multi-layered security architecture is the need of the hour. While real-time behavioral analysis to identify attacks before they begin to encrypt data is required, it is equally important to track down ransomware that evades the initial analysis,” said Bhaskar Bakthavatsalu, MD, Check Point, India and SAARC. “A layered approach also ensures that the malware is quarantined, forensic analysis is done and the encrypted data is restored. It is time to look to the future and start preparing for what lies ahead,” he added.
Check Point researchers detected a number of key trends during the period:
- The Monopoly in the Ransomware Market – thousands of new ransomware variants were observed in 2016, and in recent months we witnessed a change in the ransomware landscape as it became more and more centralized, with a few significant malware families dominating the market and hitting organizations of all sizes.
- DDoS Attacks via IoT Devices – in August 2016, the infamous Mirai Botnet was discovered – a first-of-its-kind Internet-of-Things (IoT) botnet, which attacks vulnerable Internet-enabled digital devices such as video recorders (DVR) and surveillance cameras (CCTV). It turns them into bots, using the compromised devices to launch multiple high-volume Distributed Denial of Service (DDoS) attacks. It is now clear that vulnerable IoT devices are in use in almost every home, and massive DDoS attacks that are based on such devices will persist.