March 26, 2018
The 2018 Malware Review from security awareness and anti-phishing solution provider Cofense (Formerly PhishMe) looks at malware trends over the past 12 months and makes predictions about malware delivery and attack trends in 2018.
The 2018 Cofense Malware Analysis, named A Look Backward and a Look Ahead, was composed after evaluating millions of spam and phishing emails collected from several sources throughout the previous year. The statement has a strong concentration on phishing and other electronic mail attacks – The main attack technique used by danger actors to access enterprise and SMB systems. Cofense also investigated the malware being used by cyberpunks and how the malevolent code has advanced during the previous 12 months.
The study highlights just how adaptable cybercriminals are and the speed at which they switch operations to take advantage of new opportunities, including changing malware variants to profit from new vulnerabilities.
This was clearly proved from the shift to the use of cryptocurrency miners when the value of cryptocurrencies rose in 2017. Besides loading the malevolent coin-mining code onto undermined internet sites, there was a noticeable surge in the cryptocurrency mining malevolent program being sent through spam electronic mail. The malevolent program malware changes computers into cryptocurrency mining slaves, substantially decelerating computers and causing main losses in production.
For its report, Cofense analyzed more than 600 campaigns involving Microsoft Office and notes that Office Macro scripting was the leading attack type, while Microsoft Object Linking and Embedding (OLE) was identified in more than 100 of the 600 campaigns.
During 2017 illegal computer software attacks escalated, with Locky and Cerber the two most generally used illegal computer software families (without screen lockers). Nevertheless, in 2017 many new ransomware families were found that were mainly
being distributed through phishing electronic mails. Cofense notices that five of the top ten ransomware variations in 2017 were completely new.
Cofense predicts that 2018 will see a continued rise in the use of ransomware, with an increase in the number of threat actors using the file-encrypting code. There is also likely to be further diversification in the types of cryptocurrencies used by cybercriminals for payments. Cofense also predicts that as more businesses migrate to the cloud it will become a major attack surface.
It’s vital for businesses to keep up-to-date with the existing attack tendencies to make sure they can customize their fortifications to obstruct new attacks. Companies also require teaching their workers how to identify new dangers.
“As delivery methods evolve daily and malware innovations accelerate, timely attack intelligence is critical and must extend across organizations. Now is the time for every inbox to be a sensor and every employee to be a security evangelist that can trigger organization-wide security orchestration to break the attack kill chain at delivery,” said Aaron Higbee, Co-Founder, and CTO at Cofense.