Story image

8 million malware detections in NZ so far, according to new report

12 Sep 2017

More than 8 million malware detections in New Zealand were recorded by Trend Micro in the first half of this year, according to the company’s newly-released 2017 Midyear Security Roundup: The Cost of Compromise report.

Asia Pacific has been a heavy target for total attacks in the first half of this year. Out of 82 million ransomware attacks worldwide, 33.8% of those attacks targeted APAC.

New Zealand was also exposed to more than 2 million malicious URLs, the report says.

Businesses should keep a close eye on business email compromise (BEC) attacks, the report says. Statistics from the US FBI put the total global losses attributed to BEC scams since 2013 have topped US$5.3 billion.

BEC attacks attempt to convince or impersonate high-level executives in order to steal money or information. This year, top job title targets were CEO (41.8%), managing director/director (28.3%) and president (6.9%).

“The first half of 2017 undeniably saw cyberattacks becoming more diverse and sophisticated, with as many as 28 new ransomware families identified each month. Although businesses are more aware of the economic and reputational impact, cybercriminals are continuously evolving to outsmart enterprise,” comments Dr. Jon Oliver, senior security architect at Trend Micro.

Oliver says that evidence still points to vulnerabilities in IoT devices, such as routers. He says the WannaCry attacks demonstrate those vulnerabilities, as they affected speed cameras and red light cameras.

A recent analyst report by Forrester found that enterprises are still not investing enough in security.

 “Enterprises need to prioritise funds for effective security upfront, as the cost of a breach is frequently more than a company’s budget can sustain,” comments Trend Micro CIO Max Cheng.

The report also highlighted that while there were 382 new vulnerabilities discovered in the first half of 2017, however the existing EternalBlue exploit took advantage of one major vulnerability (CVE-2017-0144), which spurred the WannaCry ransomware.

The report found that most spam emails detected by Trend Micro contained malware.

Amongst the top five file types for spam attachments, .PDF files topped the list at 28.7 million worldwide, followed by .XLS (12.1 million), .JS (8.5 million), .WSF (5.1 million), and .DOCX (4.8 million.)

“Major cyberattacks against enterprises globally have continued to be a hot-button topic this year, and this trend is likely to continue through the remainder of 2017. It’s integral to the continued success of organisations to stop thinking of digital security as merely protecting information, but instead as an investment in the company’s future, brand and reputation,” Cheng concludes.

New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.