The first quarter of 2016 has seen a significant rise is cyberattacks, and unfortunately, the forecast doesn’t look much better.
Banking Trojans and Ransomware have dominated the cyber security stats in the first quarter (Q1) of 2016. Most of these threats are delivered via email and Q1 revealed a 66% increase in emails containing malicious URLs and attachments over the previous quarter. Compared to the Q1 2015 cyber security statistics, the increase was an astounding 800%.
According to cybersecurity firm, Proofpoint, email, social media, and mobile devices have been the most exposed vectors for cybercriminals in Q1.
- Email:
- Impostor email threats are increasingly sophisticated and specialized, with about 75% of impostor email phishing attacks relying on “reply-to” spoofing to trick users into thinking messages are from someone in authority.
- Ransomware has become the most preferred method of malware for cybercriminals to use.
- Social Media:
- As the volume of fan- and brand-generated content increases, so does exposure to risk. Social media content from Fortune 500 companies increased by at least 30% in Q1.
- Mobile:
- Despite the discovery of a new iOS Trojan, 98% of all malicious mobile apps examined in Q1 targeted Android devices.
Banking Trojans:
In early 2016, we saw the demise of the Dyre Banking Trojan, only to have it replaced by other banking Trojans such as Dridex, Android/Spy.Agent.SI and Goznym. Dridex has been the most popular form of malware in Q1, responsible for a staggering 74% of emails containing malicious document attachments.
Ransomware:
Locky has been responsible for the vast majority of ransomware that has infected users in Q1, accounting for 24% of the total malicious emails from cybercriminals. With that said, ransomware such as Jigsaw, Cerber, CryptoJoker and Ransom32 have started to make a push for the podium in terms of gaining a market share of malware threats.
What’s on the Horizon?
With banking Trojans and ransomware showing a steady, upward trend, it’s extremely difficult to say when these threats may plateau, if at all. When an old form of malware gets shut down, it seems like a new, more sophisticated form appears.
Business Email Compromise (BEC), specifically a new threat called “whaling” is definitely on the rise. Whaling is a form of phishing that goes after high-level executives at large corporations and during its short time (relative to other forms of cyberattacks), has reaped huge rewards for cybercriminals. In the two years that whaling has been around, it has cost businesses over $750 million in losses. Be sure to check out our article on whaling that digs deeper into whaling and what you can do to mitigate your exposure.
WatchPoint releases CryptoStopper.io to identify, isolate and stop Ransomware, even after it has infected your network and gotten through all of your prevention systems.
Learn more and download a fully functional 14 day test drive. The trial allows you to simulate a Ransomware attack on your network and see the isolation process in action.
Want some one-on-one time with a WatchPoint expert? Schedule a time to talk.