sb-nz logo
Story image

Check Point's latest threat research taken from data you can see in real time

21 Aug 2017

Check Point has taken the latest results from its Cyber Attack Trends: Mid Year Report from data that viewers can see happening right in front of their eyes.

Along with the report, the company has released its new research platform, Check Point Research, which shares information about the threat landscape, trends and original research.

The report found that across APAC, the RoughTed and Fireball malware have been creating havoc at 22.8% and 18% respectively.

APAC also featured the highest rate of infections from the notorious WannaCry malware, accounting for 29% - the highest incident of infections compared to global statistics. The Locky and Cryptowall ransomware both totalled 15% of APAC attacks.

The Zeus malware was behind 40% of banking breaches and 18% were due to Ramnit.

The report notes four major breaches in Asia Pacific this year: In the first, McDonald’s India app McDelivery leaked personal data belonging to 2.2 million customers.

In March, Japanese payment processing provider GMO Payment Gateway leaked personal and financial data from the Tokyo Metropolitan Government and the Japan Housing Finance Agency.

In April, Melbourne IT suffered a massive DDoS attack that took 500,000 websites offline for an hour and a half.

Also in April, a hacker took over Australian-based company Atlassian’s group chat platform HipChat. The hacker was able to steal personal details such as names, emails, hashed passwords and chat room metadata.

The statistics for the global report were also formulated from Check Point’s ThreatCloud World Cyber Threat Map between January and June 2017. The threat map shows live detections of different malware types across the globe, including the originating attack country, target country, and type of malware.

As of this morning, the threat map found that out of 4.1 million breaches so far today, Russia, Italy, USA and Singapore were the top attack countries. Russia, India, Colombia and the USA were the top target countries.

“Organisations are struggling to effectively counteract the abundance of threats now in play. Hackers are making malware more sophisticated, and so the ability for unskilled hackers to inflict damage has risen dramatically,” comments Check Point’s Threat Intelligence Group manager, Maya Horowitz.

Ransomware attacks in EMEA (Europe, Middle East and Africa) have also doubled since this time last year, from an average of 26% to around 48% of the three main attack categories.

Check Point’s research also points to an increase in macro-based downloaders over the past six months. Microsoft Office files can now be exploited without the need for macros.

Two methods include disguised weaponised RTF files and also XML data in PowerPoint presentations.

Mobile malware across APAC covered a range of threats – 63% was classed as ‘other’ while Hummingbad (8%), Hiddad (7%), Lotoor (6%) Ztorg (6%) Bosuoa (5%) and Rootnik (4%) rounded out the rest of the top threats.

Globally, ‘other’ mobile malware accounted for 57% of threats while 10% were identified as Hiddad attacks.

“With all the cyber threats in circulation, many organisations still do not have the right security defences in place, and are focusing on a detection approach rather than implementing a proactive prevention solution that would block the attacks in the first place,” Horowitz concludes.

Story image
Insider threat report reveals deception in the workforce
Insider threats come from people inside an enterprise, whether they divulge proprietary information with nefarious intentions, or are just careless employees that unwittingly share sensitive data, writes Bitglass product marketing manager Juan Lugo.More
Story image
UiPath and eSentire bring hyperautomation to Microsoft Security
UiPath and eSentire have announced a strategic partnership to deliver end-to-end security policy automation across multiple Microsoft Security services.More
Story image
Majority of industrial enterprises face increase cyber threats since COVID-19
Leadership's top cyber security priority was implementing new technology solutions since the onset of the pandemic.More
Story image
Video: 10 Minute IT Jams - protecting data with user behaviour analytics
In this video, Forcepoint senior sales engineer and solutions architect Matthew Bant discusses the company's DLP solution, the importance of integrating compliance into security solutions, and why cybersecurity strategies should take a more people-based approach.More
Story image
How cyber-attackers use Microsoft 365 tools to steal data
Vectra security research has recently identified how cyber-attackers use Microsoft Office 365 tools against organisations to steal data and take over accounts.More
Story image
Why IT and HR must work together to help businesses weather the storm
Employers are striving to balance team productivity, security and employee engagement. If remote work is the new norm, it’s impossible to ignore the challenging nature of the situation, writes Gigamon manager for A/NZ George Tsoukas.More