Malware attacks to increase in 2018
Malware, short for malicious software, is a term used to refer to a variety of harmful or intrusive software, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, scareware, and other malicious programmes.
Cisco, in its yearly Cyber Security Report 2018, urged defenders to prepare to face new, self-propagating, network-based threats in the year.
Cisco stressed that adversaries are taking malware to unprecedented levels of sophistication and impact. It pointed out that the growing number and variety of malware types and families perpetuate chaos in the attack landscape by undermining defenders’ efforts to gain and hold ground on threats.
The report disclosed that attackers would make their malware even more potent by combining it with “worm-like” functionality to cause widespread damage, stressing that this malware evolution was swift.
“In May 2017, WannaCry – a ransomware cryptoworm – emerged and spread like wildfire across the Internet. To propagate, it took advantage of a Microsoft Windows security vulnerability called EternalBlue, which was leaked by the hacker group Shadow Brokers in mid-April 2017.
“WannaCry had earned more than $143,000 through bitcoin payments at the point the wallets were cashed out. Given the timeline, and calculating accrual of the value on the bitcoin originally paid into the wallets at $93,531,” the report noted.
Cisco threat researchers estimated that roughly 312 ransom payments were made. As a comparison, the exploit kit Angler, when it was active, was earning about $100 million yearly as a global business.
However, the report noted that security leaders now rely on, and invest in, automation, machine learning, and artificial intelligence (AI) to defend against threats.
Findings from the report showed 39 per cent of organisations are reliant on automation, 34 per cent on machine learning, and 32 per cent on Artificial Intelligence.
Cisco observed that malware sophistication is increasing, as adversaries begin to weaponise cloud services and evade detection through encryption, used as a tool to conceal command-and-control activity.
To reduce adversaries’ time to operate, Cisco observed that security professionals said they will increasingly leverage and spend more on tools that use AI and machine learning.
While encryption is meant to enhance security, the expanded volume of encrypted web traffic, both legitimate and malicious, has created more challenges for defenders trying to identify and monitor potential threats.
Cisco threat researchers observed more than a threefold increase in encrypted network communication used by inspected malware samples over a 12-month period.
Senior Vice President and Chief Security and Trust Officer, Cisco, John N. Stewart, said: “Last year’s evolution of malware demonstrates that our adversaries continue to learn, so we have to raise the bar now, there is too much risk, and it is up to us to reduce it.”
Some additional highlights from the Cisco 2018 Annual Cyber-security Report include: the financial cost of attacks is no longer a hypothetical number; supply chain attacks are increasing in velocity and complexity; and although security is extremely vital, it’s getting more complex and the scope of breaches is expanding.
The report contained some recommendations for defenders, including to confirm that they adhere to corporate policies and practices for application, system, and appliance patching; and to access timely, accurate threat intelligence data and processes that allow for that data to be incorporated into security monitoring.
They are also to back up data often and test restoration procedures, processes that are critical in a world of fast-moving, network-based ransomware worms and destructive cyber weapons, among others.