Cryptomining Replaces Ransomware as Most Popular Cybercrime Malware
Analysis of vulnerability and threat trends shows cryptomining malware dominates threat landscape in the first half of 2018
SAN JOSE, Calif., July 18, 2018 (GLOBE NEWSWIRE) -- Skybox® Security, a global leader in cybersecurity management, announced today the release of its mid-year update to the Vulnerability and Threat Trends Report which analyzes vulnerabilities, exploits and threats in play. The report, compiled by the team of security analysts at the Skybox® Research Lab, aims to help organizations align their security strategy with the reality of the current threat landscape.
The mid-year update explores trends observed from January to June of 2018. One of the most significant findings is the replacement of ransomware as the cybercriminal tool of choice with cryptomining malware. In the last six months of 2017, ransomware accounted for 32 percent of attacks, while malicious cryptominers accounted for seven percent. By the first half of 2018, the figures had switched almost exactly: malicious cryptominers accounted for 32 percent of attacks while ransomware dropped to eight percent.
"In the last few years, ransomware reigned supreme as the shortcut money-maker for cybercriminals," said Ron Davidson, Skybox CTO and vice president of R&D. "It doesn't require data exfiltration, just encryption to hold the data hostage and a ransom note of how the victim can pay up. With cryptominers, the criminals can go straight to the source and mine cryptocurrency themselves. There's no question of if they'll be paid or not."
Cryptomining uses the computational power of compromised assets to create new blocks in the blockchain of like Bitcoin and Monero. The malicious or unauthorized cryptomining approach indeed avoids several of the drawbacks of ransomware:
- The victim doesn't need to be notified of the attack in order to pay the ransom, so it can continue indefinitely in a stealth manner
- Cryptocurrency can be mined over long-periods of time, rather than the cybercriminal receiving a single lump-sum ransom payment
- There is no decision of payment on the part of the victim - the attack itself controls how much money will be generated.
"Ransomware received a lot of attention in years past, especially thanks to the likes of WannaCry, NotPetya and BadRabbit," said Skybox Director of Threat Intelligence Marina Kidron and leader of the Research Lab behind the report. "To some extent, organizations took note and put effective precautions in place, ensuring they had reliable back-ups and even thwarting attackers with decryption programs. So cybercriminals found - in cryptomining- a path of lesser resistance. The recent uptick in value of cryptocurrencies also made this an incredibly profitable attack option."
Other findings in the report appear to relate to this rise in cryptomining. Internet and mobile vulnerabilities made up nearly a third of all new vulnerabilities published in the first half of 2018. Google Android had by far the most vulnerabilities during that time period, exceeding the tally of the next five most vulnerable vendors combined. Android also logged 200 more vulnerabilities than it did in the second half of 2018. Malicious cryptomining has found an advantage in targeting the app store of the global market leader in mobile devices, with billions of potential targets worldwide.
Browser-based malware is also on the rise in the first half of 2018. "Out of all software today, web browsers are considered the most prone to malicious attacks," said Kidron. "They constantly interact with websites and applications that cybercriminals have infected with malware like cryptominers and other threats via the web, which are notoriously difficult to detect. The cryptomining malware could be active as long as the web session is active, and 'file-less' cryptominers also can hide from conventional security tools as there's no download or attachment to analyze."
No matter the payload, attackers looking to exploit vulnerabilities have more resources than ever. Not only are dark web market places rich with attack tools and services, and criminal forums ripe with information, vulnerabilities themselves have skyrocketed. New vulnerabilities catalogued by MITRE's National Vulnerability Database doubled in 2017 over the previous year, and 2018 looks to be on track to shatter even that record. The 2017 surge and continued elevated numbers is largely due to organizational improvements at MITRE and increased security research by vendors and third-parties, including vendor-sponsored bug bounty programs. But no matter the reason, organizations have to employ smarter and faster ways to find the signal in the noise and mitigate vulnerability risks before they're used in an attack.
Skybox recommends establishing a threat-centric vulnerability management (TCVM) program to adapt to these changes in the threat landscape and those yet to come. The TCVM approach helps security practitioners focus on the small subset of vulnerabilities most likely to be used in an attack by incorporating vulnerability and threat intelligence with the context of their assets, network and security controls. This way, remediation is targeted at the greatest areas of risk while leveraging all response options - patching as well as network-based changes.
About Skybox Research Lab
The Skybox Research Lab is team of security analysts who daily scour data from dozens of security feeds and sources as well as investigate sites in the dark web. The Research Lab validates and enhances data through automated as well as manual analysis, with analysts adding their knowledge of attack trends, cyber events and TTPs of today's attackers. Their ongoing investigations determine which vulnerabilities are being exploited in the wild and used in distributed crimeware such as ransomware, malware, exploit kits and other attacks exploiting client- and server-side vulnerabilities.
For more information on the methodology behind the Skybox Research Lab and to keep up with the latest vulnerability and threat intelligence, visit www.vulnerabilitycenter.com.
About Skybox Security
Skybox provides the industry's broadest cybersecurity management platform to address security challenges within large, complex networks. By integrating with 120 networking and security technologies, the Skybox® Security Suite gives comprehensive attack surface visibility and the context needed for informed action. Our analytics, automation and intelligence improve the efficiency and performance of security operations in vulnerability and threat management and firewall and security policy management for the world's largest organizations.
© 2018 Skybox Security, Inc. All rights reserved. Skybox Security and the Skybox Security logo are either registered trademarks or trademarks of Skybox Security, Inc., in the United States and/or other countries. All other trademarks are the property of their respective owners. Product specifications subject to change at any time without prior notice.
Director of Brand and Communications
408-205-1618 | Tawnya.firstname.lastname@example.org
OneChocolate for Skybox Security
United Kingdom: Daniel Couzens
+44 (0)20 7437 0227 | DanielC@onechocolatecomms.co.uk
Germany: Melanie Grasser
+49 (0)89 3888 920 10 | MelanieG@onechocolatecomms.de
France: Xavier Delhôme
+33 1 41 31 75 09 | email@example.com
A photo accompanying this announcement is available at http://www.globenewswire.com/NewsRoom/AttachmentNg/8c26e3be-8dd4-457a-b19b-becd7c28c469
The issuer of this announcement warrants that they are solely responsible for the content, accuracy and originality of the information contained therein.
Source: Skybox Security via Globenewswire
Om Nasdaq GlobeNewswire
One Liberty Plaza - 165 Broadway
NY 10006 New York
+1 212 401 8700http://www.nasdaqomx.com
NASDAQ (NASDAQ: NDAQ) is a leading provider of trading, exchange technology, information and public company services across six continents.
Følg saker fra Nasdaq GlobeNewswire
Registrer deg med din epostadresse under for å få de nyeste sakene fra Nasdaq GlobeNewswire på epost fortløpende. Du kan melde deg av når som helst.
Siste saker fra Nasdaq GlobeNewswire
Elite Capital & Gas broadens financial services and signs a deal with Tabarak Investment Capital Limited17.10.2018 16:30 | Pressemelding
DUBAI, United Arab Emirates, Oct. 17, 2018 (GLOBE NEWSWIRE) -- Today the President of Elite Petro & Gas, Mr. George Matharu and the President of Tabarak Investment Capital Limited (Investment Bank), Dr. Mohamed Ahmadi announced a deal in which the two companies will use their combined resources to execute physical commodity trades, and provide banking and finance facilities for oil and gas transactions. The alliance between the two entities will also allow compliance related activities to be carried out from two major international hubs of London and Dubai. This increases the international presence of both companies. Additionally, Elite Petro & Gas (“EPG”) has recently formed relationships with the owners of a number of high profile European, South American and Chinese projects, which EPG and Tabarak can work on together. Tabarak Investment Capital Limited is a regulated investment bank by Dubai Financial Services Authority and incorporated in the Dubai International Financial Centre.
MASH ANNOUNCES EUR 50M EQUITY ROUND AND LAUNCH OF EUROPE'S FIRST STO17.10.2018 15:14 | Pressemelding
Mash Group, a ten year old digital lender and pay later solution provider, announced a EUR 50M equity round and the launch of a Security Token Offering (STO) Helsinki, 17th October: Mash Group Plc, a Finnish FinTech company specializing in consumer lending and pay later solutions, today announced that pre-registration has begun for a Securitized Token Offering (STO). Mash is partnering with DLA Piper, Trust and Tokeny to offer professional investors the means to participate in the current equity round using both crypto and fiat currency. Deloitte has been selected to provide AML and KYC services. The whitelisting process will begin in October with the round closing in December 2018. The STO is part of Mash’s broader EUR 50 million equity round. Security tokens are not the same as utility tokens, as have been issued in a number of recent initial coin offerings (ICOs). The Mash security tokens are backed by assets and token holders would have voting rights and dividend rights of the comp
Meizu officially launches its Overseas smartphone17.10.2018 15:13 | Pressemelding
Jakarta, Indonesia, Oct. 17, 2018 (GLOBE NEWSWIRE) -- Meizu officially launches its Overseas smartphone, produced in and to be sold in the Indonesian market, the C9, as well as 4 other fantastic products, including the Flagship Meizu 16th, the upgraded M6T, POP true wireless earphones and EP52 Lite. A photo accompanying this announcement is available at https://i.imgur.com/C4LvxTd.png ( Jakarta, Indonesia October 15th, 2018) -- Meizu is releasing 5 exciting products, including 3 smartphone models, its iconic flagship 16th, M6T, C9, POP and EP52 Lite earphones). Meizu’s product launch event is set for the 15th October 2018 at the Pullman hotel in Jakarta Indonesia, with a great line-up of speakers, including Meizu’s Co-Founder and Overseas President Mr Guo, and overseas Head of Marketing and packed with over 150 of Indonesia’s top media, bloggers and fans, it’s set to be a fantastic event all round. Meizu is releasing five great products and introducing 2 years’ warranty on their smartp
eVestment Launches Market Lens to Arm Asset Managers with Next Level Insights to Win More Institutional Investment Mandates17.10.2018 15:00 | Pressemelding
ATLANTA, Oct. 17, 2018 (GLOBE NEWSWIRE) -- Institutional asset managers looking for the next level of insights in their pursuit of institutional investment mandates can now turn to Market Lens from eVestment, a global leader in institutional investor data and analytics. Market Lens offers a robust feature set including a comprehensive mandate database; investor, consultant and manager profiles; and more than 35,000 documents, audio recordings and videos. These assets include manager presentations, consultant recommendations and research. The new solution also features customized email alerts, saved searches and export capabilities for easy integration into client workflows. The underlying public fund documents allow Market Lens to feature unique investment insights, including product ratings, target asset allocation, actual negotiated fees paid and, leveraging eVestment relationships with institutional investment consultants, undisclosed consultant search data. “In their efforts to win
Kofax Intelligent Automation Deployment at Davies Turner Wins Ventana Award for Overall Digital Leadership17.10.2018 12:00 | Pressemelding
Project Recognized for Driving Real-Time Insight into Shipments and Inventory to Transform the Customer Experience; Other Kofax Customers also Receive Accolades IRVINE, Calif., Oct. 17, 2018 (GLOBE NEWSWIRE) -- Kofax ® , a leading supplier of intelligent automation (IA) software to digitally transform end-to-end business processes, today announced its customer Davies Turner, one of the UK’s leading multimodal freight forwarding and logistics companies, won the 2018 Overall Digital Leadership Award from Ventana Research for its successful implementation of Kofax Intelligent Automation. Kofax customers Pinnacol Assurance and PITT-OHIO were also recognized. “Davies Turner’s commitment to automation was ambitious but the perfect match for Kofax Intelligent Automation,” said Reynolds C. Bish, Chief Executive Officer of Kofax. “This award is a great illustration of how Kofax enables increased productivity to help organizations remain on track for profitable growth and significant competitive
2018 European Cost Insight Product Cost Management Conference17.10.2018 10:00 | Pressemelding
Companies from Across Europe to Gather and Discuss How PCM Strategies & Technologies Improve Profitability & Accelerate Design to Delivery Time CONCORD, Mass., Oct. 17, 2018 (GLOBE NEWSWIRE) -- aPriori, the leading provider of enterprise product cost management (PCM) software solutions, announces today that it will host the European Cost Insight Product Cost Management Conference on November 26-28, 2018. This year’s event is being held at Hilton Amsterdam Airport Schiphol in Amsterdam, The Netherlands. This event is open to both aPriori customers and representatives from any manufacturers that are interested in learning more about product cost management technology and best practices. Visit the Cost Insight 2018 Event Website for complete information and register for this year’s program. Why Should You Attend Cost Insight 2018? As pressure increases to deliver innovative and customized products to market faster, manufacturers are struggling to maintain product profits and accelerate de
I vårt presserom finner du alle våre siste saker, kontaktpersoner, bilder, dokumenter og annen relevant informasjon om oss.Besøk vårt presserom