Be Prepared: Ransomware, Emotet and Trojan attacks against businesses on the rise

Be Prepared: Ransomware, Emotet and Trojan attacks against businesses on the rise

Please see recent article featuring our CMO Marie Clutterbuck published in Information Age following the release of Malware Bytes Cybercrime Report that highlights the shift in ransomware attacks from consumers to businesses.   Marie highlights the need to be prepared by having adequate data protection and recovery capabilities in place.

Q1, Malwarebytes' cybercrime report suggests that Emotet, ransomware and Trojan attacks are on the rise against the enterprise 

The cybercrime report from Malwarebytes has detailed the latest tactics employed by cybercriminals, based on proprietary data collected from millions of business and consumer users worldwide between January 1 and March 31, 2019 — Q1.  Alarmingly, but perhaps unsurprisingly, this cybercrime report for Q1 showed a significant rise in business ransomware detections (195%), along with continued momentum for Trojan variations by over 200%. But, a sharp decline in cryptomining was noted — perhaps a reflection on the gradual decline of the hype surrounding cryptocurrencies.

Described as a trusted authority on malware and threat analysis, Malwarebytes’ latest cybercrime report shows an increasing trend of cybercriminals targeting businesses, and in particular SMEs, whose limited resources make them prime targets. According to the analysis, this shift away from consumer targets demonstrates that cybercriminals are focusing on higher value targets with heavier stores of consumer data over individuals.

SMEs face the greatest risk from attacks as overall business detections have grown 235%. “Consumers might breathe a sigh of relief seeing that malware targeting them has dropped by nearly 40%, but that would be short-sighted,” said Adam Kujawa, director of Malwarebytes Labs. “Consumer data is more easily available in bulk from business targets, who saw a staggering 235% increase in detections year-over-year. Cybercriminals are using increasingly clever means of attack to get even more value from targets through the use of sophisticated Trojans, adware and ransomware.”

The cybercrime report: it’s key findings:

• Businesses are the prime target.

Overall, detections of threats to businesses have steadily risen. They increased by about 7% from the previous quarter, while consumer detections declined by nearly 40%. Compared to Q1 2018, business detections have skyrocketed 235%.

• Ransomware is back to business.

After sometime in the wilderness, following attacks such as WannaCry and NotPetya, ransomware has gained rapid momentum among business targets with an increase of 195% in detections from Q4 2018 to Q1 2019. Compared to the same time last year, business detections of ransomware have seen an uptick of over 500%, due in large part to a massive attack by the Troldesh ransomware against US organisations in early Q1. Indeed, according to the cybercrime report: the US leads in global threat detections at 47%, followed by Indonesia with 9% and Brazil with 8%.

• Emotet also continues to target enterprises.

Emotet has made a total shift away from consumers, reinforcing the intent of its creators to focus on enterprise targets, except for a few outlier spikes. Detections of Trojans (Emotet’s parent category) on business endpoints increased more than 200% since Q4, and almost 650% from the same time last year.

• Mobile Mac devices are increasingly targeted by adware.

While Mac malware saw a more than 60% increase from Q4 2018 to Q1 2019, adware was particularly pervasive, growing over 200% from the previous quarter.

• Exploit authors developed some flashy techniques.

A new Flash Player zero-day was discovered in Q1 and quickly implemented into popular exploit kits, including Underminer and Fallout EK, as well as a new exploit kit called Spelevor.

Commenting on the “definite shift” in the cyber security landscape, Marie Clutterbuck — CMO of independent data recovery specialist Tectrade — said “cybercriminals have changed their focus from consumers to businesses."

“Zero day attacks are on the rise and estimated to be a daily occurrence by 2021. This is largely down to digitisation within organisations and there’s more pressure on developers to deliver software faster – leaving systems vulnerable. This problem is exacerbated by hackers becoming more sophisticated, enabling them to bypass defences more easily.

“IT teams often prioritise stopping a breach occurring at all, but in today’s cyber climate a successful breach is inevitable. The most important aspect of cyber security is that businesses prepare for the worst and have effective data recovery and backup systems in place. Zero Day Recovery makes sure critical systems are down for as little time as possible. It’s often true that real damage from these breaches doesn’t come from the attack itself, but the resultant downtime after a breach – the time taken to become fully operational dictates the financial and operational fallout on a business.”

Read the full article here: