Story image

Cybercrime tools and services becoming increasingly democratised

07 Feb 2019

Cybercrime is becoming increasingly democratised - and not in a good way.

According to the second instalment of Check Point’s 2019 Security Report, the tools and services used to commit cybercrime have become well-managed with advanced attack methods now readily available to anyone willing to pay for them as part of the surging ‘malware-as-a-service’ industry.

“The second instalment of our 2019 Security Report shows how cyber-criminals are successfully exploring stealthy new approaches and business models, such as malware affiliate programs, to maximise their illegal revenues while reducing their risk of detection,” says Check Point Software Technologies chief marketing officer Peter Alexander.

“But out-of-sight shouldn’t mean out-of-mind: Even though cyberattacks during 2018 have been lower-profile, they are still damaging and dangerous.”

There were many highlights of the report, which included:

  • Cryptominers have been actively digging undetected on networks, having infected 10x more organisations than ransomware in 2018. However, only one in five IT security professionals were aware their company’s networks had been infected by mining malware. 37 percent of organisations around the world were affected by cryptominers in 2018, while 20 percent continue be hit every weel despite an 80 percent decline in cryptocurrency values.

  • Organisations are underestimating the threat risk of cryptominers, as just 16 percent stated cryptomining when asked what they rated as the biggest threat to their organisation - compared with phishing with 66 percent, ransomware with 54 percent, data breaches with 53 percent, and DDoS attacks with 34 percent. Check Point says this is concerning as cryptominers can easily act as stealth backdoors to download and launch other types of malware.

  • There has been a significant rise of malware-as-a-service, as the GandCrab Ransomware-as-a-Service affiliate program shows how amateurs can now profit from the ransomware extortion business as well. Users are able to keep up to 60 percent of the ransoms collected from victims, while the developers keep up to 40 percent. GandCrab has over 80 active affiliates, and within two months in 2018 had infected over 50,000 victims and claimed between US$300,000 and $600,000 in ransoms.

“By reviewing and highlighting these developments in the Report, organizations can get a better understanding of the threats they face, and how they prevent them impacting on their business.”

Safety solutions startup wins ‘radical generosity’ funding
Guardian Angel Security was one of five New Zealand businesses selected by 500 women (SheEO Activators) who contributed $1100 each.
Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
Why AI and behaviour analytics should be essential to enterprises
Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Cryptojacking and failure to patch still major threats - Ixia
Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.
Princeton study wants to know if you have a smart home - or a spy home
The IoT research team at Princeton University wants to know how your IoT devices send and receive data not only to each other, but also to any other third parties that may be involved.
Organisations not testing incident response plans – IBM Security
Failure to test can leave organisations less prepared to effectively manage the complex processes and coordination that must take place in the wake of an attack.