Fortinet report reveals malware targeting cryptocurrencies
Fortinet has announced the findings of its latest Global Threat Landscape Report . The research reveals cybercriminals are evolving their attack methods to increase their success rates and speed infections. While ransomware continues to impact organisations in destructive ways, there are indications that some cybercriminals now prefer hijacking systems and using them for cryptomining rather than holding them for ransom.
“We face a troubling convergence of trends across the cybersecurity landscape. Malicious cyber actors are demonstrating their efficiency and agility by exploiting the expanding digital attack surface, taking advantage of newly announced zero-day threats, and maximizing the accessibility of malware for bad”, said Phil Quade, chief information security officer, Fortinet. “In addition, IT and OT teams often don’t have the resources necessary to keep systems appropriately hardened or protected. Luckily, implementing a security fabric which prioritises —speed, integration, advanced analytics, and risk-based decision making— can enable comprehensive protection at machine speed and scale.”
Data indicates that cybercriminals are getting better and more sophisticated in their use of malware and leveraging newly announced zero-day vulnerabilities to attack at speed and scale. While the number of exploit detections per firm dropped by 13% in Q1 of 2018, the number of unique exploit detections grew by over 11%, while 73% of companies experienced a severe exploit.
· Attacks Against Operational Technology (OT): While OT attacks are a smaller percentage of the overall attack landscape, the trends are concerning. This sector is increasingly becoming connected to the Internet, with serious potential ramifications for security. Currently, the vast majority of exploit activity is directed against the two most common industrial communication protocols because they are widely-deployed and therefore highly-targeted. Data shows that in Asia ICS exploit attempts appear to be somewhat more prevalent when comparing the prevalence of ICS exploit activity across other regions.