Cryptomining Replaces Ransomware as Most Popular Cybercrime Malware
Analysis of vulnerability and threat trends shows cryptomining malware dominates threat landscape in the first half of 2018
SAN JOSE, Calif., July 18, 2018 (GLOBE NEWSWIRE) -- Skybox® Security, a global leader in cybersecurity management, announced today the release of its mid-year update to the Vulnerability and Threat Trends Report which analyzes vulnerabilities, exploits and threats in play. The report, compiled by the team of security analysts at the Skybox® Research Lab, aims to help organizations align their security strategy with the reality of the current threat landscape.
The mid-year update explores trends observed from January to June of 2018. One of the most significant findings is the replacement of ransomware as the cybercriminal tool of choice with cryptomining malware. In the last six months of 2017, ransomware accounted for 32 percent of attacks, while malicious cryptominers accounted for seven percent. By the first half of 2018, the figures had switched almost exactly: malicious cryptominers accounted for 32 percent of attacks while ransomware dropped to eight percent.
"In the last few years, ransomware reigned supreme as the shortcut money-maker for cybercriminals," said Ron Davidson, Skybox CTO and vice president of R&D. "It doesn't require data exfiltration, just encryption to hold the data hostage and a ransom note of how the victim can pay up. With cryptominers, the criminals can go straight to the source and mine cryptocurrency themselves. There's no question of if they'll be paid or not."
Cryptomining uses the computational power of compromised assets to create new blocks in the blockchain of like Bitcoin and Monero. The malicious or unauthorized cryptomining approach indeed avoids several of the drawbacks of ransomware:
- The victim doesn't need to be notified of the attack in order to pay the ransom, so it can continue indefinitely in a stealth manner
- Cryptocurrency can be mined over long-periods of time, rather than the cybercriminal receiving a single lump-sum ransom payment
- There is no decision of payment on the part of the victim - the attack itself controls how much money will be generated.
"Ransomware received a lot of attention in years past, especially thanks to the likes of WannaCry, NotPetya and BadRabbit," said Skybox Director of Threat Intelligence Marina Kidron and leader of the Research Lab behind the report. "To some extent, organizations took note and put effective precautions in place, ensuring they had reliable back-ups and even thwarting attackers with decryption programs. So cybercriminals found - in cryptomining- a path of lesser resistance. The recent uptick in value of cryptocurrencies also made this an incredibly profitable attack option."
Other findings in the report appear to relate to this rise in cryptomining. Internet and mobile vulnerabilities made up nearly a third of all new vulnerabilities published in the first half of 2018. Google Android had by far the most vulnerabilities during that time period, exceeding the tally of the next five most vulnerable vendors combined. Android also logged 200 more vulnerabilities than it did in the second half of 2018. Malicious cryptomining has found an advantage in targeting the app store of the global market leader in mobile devices, with billions of potential targets worldwide.
Browser-based malware is also on the rise in the first half of 2018. "Out of all software today, web browsers are considered the most prone to malicious attacks," said Kidron. "They constantly interact with websites and applications that cybercriminals have infected with malware like cryptominers and other threats via the web, which are notoriously difficult to detect. The cryptomining malware could be active as long as the web session is active, and 'file-less' cryptominers also can hide from conventional security tools as there's no download or attachment to analyze."
No matter the payload, attackers looking to exploit vulnerabilities have more resources than ever. Not only are dark web market places rich with attack tools and services, and criminal forums ripe with information, vulnerabilities themselves have skyrocketed. New vulnerabilities catalogued by MITRE's National Vulnerability Database doubled in 2017 over the previous year, and 2018 looks to be on track to shatter even that record. The 2017 surge and continued elevated numbers is largely due to organizational improvements at MITRE and increased security research by vendors and third-parties, including vendor-sponsored bug bounty programs. But no matter the reason, organizations have to employ smarter and faster ways to find the signal in the noise and mitigate vulnerability risks before they're used in an attack.
Skybox recommends establishing a threat-centric vulnerability management (TCVM) program to adapt to these changes in the threat landscape and those yet to come. The TCVM approach helps security practitioners focus on the small subset of vulnerabilities most likely to be used in an attack by incorporating vulnerability and threat intelligence with the context of their assets, network and security controls. This way, remediation is targeted at the greatest areas of risk while leveraging all response options - patching as well as network-based changes.
About Skybox Research Lab
The Skybox Research Lab is team of security analysts who daily scour data from dozens of security feeds and sources as well as investigate sites in the dark web. The Research Lab validates and enhances data through automated as well as manual analysis, with analysts adding their knowledge of attack trends, cyber events and TTPs of today's attackers. Their ongoing investigations determine which vulnerabilities are being exploited in the wild and used in distributed crimeware such as ransomware, malware, exploit kits and other attacks exploiting client- and server-side vulnerabilities.
For more information on the methodology behind the Skybox Research Lab and to keep up with the latest vulnerability and threat intelligence, visit www.vulnerabilitycenter.com.
About Skybox Security
Skybox provides the industry's broadest cybersecurity management platform to address security challenges within large, complex networks. By integrating with 120 networking and security technologies, the Skybox® Security Suite gives comprehensive attack surface visibility and the context needed for informed action. Our analytics, automation and intelligence improve the efficiency and performance of security operations in vulnerability and threat management and firewall and security policy management for the world's largest organizations.
© 2018 Skybox Security, Inc. All rights reserved. Skybox Security and the Skybox Security logo are either registered trademarks or trademarks of Skybox Security, Inc., in the United States and/or other countries. All other trademarks are the property of their respective owners. Product specifications subject to change at any time without prior notice.
Director of Brand and Communications
408-205-1618 | Tawnya.firstname.lastname@example.org
OneChocolate for Skybox Security
United Kingdom: Daniel Couzens
+44 (0)20 7437 0227 | DanielC@onechocolatecomms.co.uk
Germany: Melanie Grasser
+49 (0)89 3888 920 10 | MelanieG@onechocolatecomms.de
France: Xavier Delhôme
+33 1 41 31 75 09 | email@example.com
A photo accompanying this announcement is available at http://www.globenewswire.com/NewsRoom/AttachmentNg/8c26e3be-8dd4-457a-b19b-becd7c28c469
The issuer of this announcement warrants that they are solely responsible for the content, accuracy and originality of the information contained therein.
Source: Skybox Security via Globenewswire
Om Nasdaq GlobeNewswire
One Liberty Plaza - 165 Broadway
NY 10006 New York
+1 212 401 8700http://www.nasdaqomx.com
NASDAQ (NASDAQ: NDAQ) is a leading provider of trading, exchange technology, information and public company services across six continents.
Følg saker fra Nasdaq GlobeNewswire
Registrer deg med din epostadresse under for å få de nyeste sakene fra Nasdaq GlobeNewswire på epost fortløpende. Du kan melde deg av når som helst.
Siste saker fra Nasdaq GlobeNewswire
DoubleVerify and InMobi Unite to Combat Mobile App Fraud11.12.2018 18:02 | Pressemelding
Partnership brings mobile app fraud prevention to advertisers globally NEW YORK, Dec. 11, 2018 (GLOBE NEWSWIRE) -- DoubleVerify ("DV"), the leading independent provider of marketing measurement software and analytics, today announced a partnership with InMobi, a global provider of enterprise platforms for marketers. As part of the partnership, DoubleVerify will provide always-on fraud filtering and measurement for mobile in-app advertising campaigns across the InMobi Exchange globally. The integration with InMobi covers pre-bid targeting for all InMobi Exchange impressions within the leading mobile in-app platform, as well as monitoring of post-bid fraud activity, such as spoofing – enabling InMobi to continuously refine the quality of its mobile ad inventory. “DV’s partnership with InMobi demonstrates our commitment to provide consistent, comprehensive quality coverage for global brand advertisers,” said Matt McLaughlin, COO at DoubleVerify. “With ad spend increasingly concentrated in
Claroty Announces Major Enhancements to Market-Leading Industrial Cybersecurity Platform11.12.2018 15:00 | Pressemelding
Groundbreaking multispectral data acquisition and network segmentation capabilities provide deeper OT network visibility and reduce risk for industrial enterprises and critical infrastructure providers NEW YORK, Dec. 11, 2018 (GLOBE NEWSWIRE) -- Claroty, the leader in operational technology (OT) network protection, today announced several significant enhancements to its award-winning Continuous Threat Detection product and technology integrations with several leading industrial automation, network infrastructure and cybersecurity providers. Already the industry’s most complete industrial control systems (ICS) cybersecurity platform, this release incorporates new functionality to provide even more “extreme” visibility into ICS networks and help industrial enterprises decrease the risk of a cyberattack. The latest release of Claroty Continuous Threat Detection provides a large number of significant enhancements including: Virtual Zones and OT Network Segmentation – an innovative approach
INN Launches Battery Metals Channel11.12.2018 15:00 | Pressemelding
The new battery metals channel is designed to educate investors with original content and expert insight on the growing battery metals industry. VANCOUVER, British Columbia, Dec. 11, 2018 (GLOBE NEWSWIRE) -- Investing News Network (INN) announces the launch of its battery metals channel. Responding to the growth and evolution of the battery metals market, this channel will host news, educational content and expert opinions on the lithium, cobalt, graphite, vanadium and manganese market segments. “INN has been a trusted source of information on the lithium, cobalt, graphite, vanadium and manganese markets for nearly a decade, and is excited to bring these sectors together under the battery metals umbrella,” said Nick Smith, CEO and publisher at INN. “Through connections with experts, our leading team of experienced writers creates original, insightful content on battery metals. INN educates investors in the industry by providing information they may never have access to on their own,” S
Galimedix Therapeutics Appoints Industry Veteran, Hermann Russ, M.D., Ph.D., Chief Scientific Officer11.12.2018 14:30 | Pressemelding
KENSINGTON, Md. and SHORASHIM, Israel, Dec. 11, 2018 (GLOBE NEWSWIRE) -- Galimedix Therapeutics, which is developing new solutions for ophthalmic and neurodegenerative diseases, announced the appointment of Hermann Russ, M.D., Ph.D., as its chief scientific officer, effective December 1, 2018. Dr. Russ invented the use of the company’s lead molecule GAL-101/MRZ-99030 for the treatment of degenerative diseases of the retina, including glaucoma and dry macular degeneration. He is also co-inventor of the so-called “trigger effect” of GAL-101/MRZ-99030 and GAL-102/MRZ 14042, which is a unique reverse prion-like self-propagation mechanism of action important for the company’s eye drop and oral treatment regimens. “We are gratified that Dr. Russ is joining the Galimedix management team, as his knowledge in the field, as well as intimate experience with the compound, have already proven instrumental in the development of our company to date,” commented Andrew Pearlman, Ph.D., CEO of Galimedix
Farmako: Cannabis distributor to become gateway to Europe11.12.2018 10:00 | Pressemelding
Company is first to apply for a licence in the United Kingdom AAA-Team pushes to become gateway to Europe Company first to apply for distribution licences in UK Support of Canadian LP to obtain EU-GMP Focus on research and development FRANKFURT, Germany, Dec. 11, 2018 (GLOBE NEWSWIRE) -- The Frankfurt-based pharmaceutical company Farmako is a research-based pharmaceutical company that distributes medical cannabis. The company is active in all European markets that have created a legal basis for cannabinoid therapies. It is the first company for medical Cannabis pursue distribution licences in multiple European countries. Fort hat, it will rely on EU-GMP certified suppliers. The German market for medical cannabis is estimated at 19.1 million euros in 2018 and at 200 million Euros by 2019. For 2028, experts expect a market volume for medical cannabis of 7.8 billion euros in Germany, an increase by a factor of 400. The number of patients for cannabinoid therapies in Germany has grown from
Kofax RPA Wins DM Award for Artificial Intelligence / Robotic Process Automation Product of the Year11.12.2018 09:00 | Pressemelding
Recognised as Finalist in Seven Categories, Kofax Named Leader in New Category Reflecting the Evolution of the Document and Content Management Sector IRVINE, Calif., Dec. 11, 2018 (GLOBE NEWSWIRE) -- Kofax ® , a leading supplier of intelligent automation (IA) software to digitally transform end-to-end business processes, today announced Kofax RPA was named “AI / Robotic Process Automation Product of the Year” at the 2018 DM Awards, a prestigious awards program conducted by Document Manager Magazine. “By enabling organisations to easily and cost effectively scale their RPA deployments across the enterprise, we’ve raised the bar with Intelligent Automation – the next generation of RPA. We are pleased that the readers of DM Magazine recognise this and honored to receive this award. It is a testament to our success and leadership in the market,” said Reynolds C. Bish, Chief Executive Officer of Kofax. “As the only vendor with cognitive capture, RPA, process orchestration and analytics in i
I vårt presserom finner du alle våre siste saker, kontaktpersoner, bilder, dokumenter og annen relevant informasjon om oss.Besøk vårt presserom