Firms facing 504 hacking threats per minute: McAfee

New Delhi: The businesses are witnessing 504 new cyber security threats every minute and ransomware has grown 118 per cent as hackers adopt new tactics and code innovations to steal data globally, a new report said on Wednesday.

More than two billion stolen account credentials were made available in the underground market in the first quarter (Q1) this year, revealed the report by cyber security company McAfee.

“The impact of these threats is very real. It’s important to recognise that the numbers, highlighting increases or decreases of certain types of attacks, only tell a fraction of the story,” said Raj Samani, McAfee fellow and chief scientist.

“Every infection is another business dealing with outages, or a consumer facing major fraud. We must not forget for every cyber attack, there is a human cost,” he added.

The threat data was gathered by the McAfee “Global Threat Intelligence” cloud from over a billion sensors across multiple threat vectors around the world.

Read more

While spearphishing remained popular, ransomware attacks increasingly targeted exposed remote access points, such as Remote Desktop Protocol (RDP).

The researchers also observed actors behind ransomware attacks using anonymous email services to manage their campaigns versus the traditional approach of setting up command-and-control (C2) servers.

“The use of email services is perceived by threat actors to be a more anonymous method of conducting criminal business,” the findings showed.

The most active ransomware families of the quarter appeared to be “Dharma” (also known as Crysis), GandCrab and Ryuk.

“Paying ransoms supports cybercriminal businesses and perpetuates attacks. There are other options available to victims of ransomware. Decryption tools and campaign information are available through tools such as the No More Ransom project,” said Christiaan Beek, McAfee Lead Scientist and Senior Principal Engineer.

New cryptomining malware increased 29 per cent in Q1 2019.

“CookieMiner” malware targeted Apple users, attempting to obtain bitcoin wallets credentials.

As a byproduct, the malware also gained access to passwords and browsing data. Total coin mining malware samples grew 414 per cent over the past four quarters.

Cybercriminals continued to leverage lax security in IoT devices. New malware samples increased 10 per cent and total IoT malware grew 154 per cent over the past four quarters.

McAfee Labs counted 412 publicly disclosed security incidents, an increase of 20 per cent from Q4 2018.

Thirty-two percent of all publicly-disclosed security incidents took place in the Americas, followed by 13 per cent in Europe and 13 per cent in the Asia-Pacific region, said the report.