SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image

Ransomware and mobile malware hits peak, healthcare least prepared

Wed, 21st Sep 2016
FYI, this story is more than a year old

Ransomware and new mobile malware have reached their highest levels ever recorded, with healthcare and manufacturing among the least prepared industries to prevent information theft.

That's the findings from the latest McAfee Labs Threat Report, which also found the retail and financial services sector have the greatest cyber security protections in place to deal with data loss.

The research comes from a recent Intel Security survey titled 2016 Data Protection Benchmark Study where Intel Security interviewed organisations globally on data loss incidents, including the types of data leaking out and the ways in which data exits organisations.

According to the survey, retail and financial services organisations have deployed the most extensive protections against data loss, a finding McAfee Labs attributes to organisational responses to the frequency of cyber attacks and the value of the data held by companies in these two sectors.

Having sustained fewer cyber-attacks historically, healthcare and manufacturing enterprises have made fewer IT security investments, and as a result possess the least comprehensive data protection capabilities, the report reveals.

McAfee Labs says its researchers find the weaker defences in these two sectors particularly disturbing given that cybercriminals continue to shift their focus from easily replaceable payment card numbers to less perishable data such as personally identifiable information, personal health records, intellectual property and business confidential information.

"The gap between data loss and breach discovery is getting larger and organisations who haven't traditionally been the target of cyber attacks now need to be aware of the risks as cybercriminals find new ways to exploit businesses,” explains Intel Security APAC vice president Daryush Ashjari.

“If this isn't caution enough, the surges in ransomware to historic new heights in Q2 2016 come as a timely reminder to organisations to ensure the right practices and policies are in place to keep the business and its customers data secure at all times,” he says.

“It is befitting to highlight the importance of user awareness and corporates' responsibility to educate their uses and increase their awareness when it comes to ransomware."

The report found New Zealand and Australia are the most likely to employ a Data Loss Prevention (DPL) solution to monitor, rather than monitor and block, incidents (59%). The US is most likely to have set up their DLP solution to both monitor and block incidents (51%)

The report found New Zealand and have the lowest maturity score in terms of how fully deployed their DLP solution is (3.65) when compared to the global average (4.10).

Furthermore, Asia Pacific countries are more likely to report that certain activities cause increases in the average number of incidents recorded per day. In ANZ, the key causes of increases are new project deployment (45%), internal organisation (44%) and mergers - acquisitions (42%), the report says.

According to the survey results, the monitoring and blocking of suspicious uses of email is most likely to cause the highest number of daily incidents on average globally (21). New Zealand and Australia are likely to see the highest increase in the number of daily incidents generated as a result of monitoring and blocking suspicious use of email (43).

Global general findings from the research include:

  • More than 25% of companies surveyed do not monitor sharing of or access to employee or customer data
  • Nearly 40% of data losses involve some kind of physical media, such as thumb drives, however only 37% of organisations use endpoint monitoring of user activity and physical media connections that could counter such incidents
  • 90% of respondents have cloud protection strategies, but only 12% are confident in their visibility into the activity of their data in the cloud

Q2 Cyber attack statistics

  • Ransomware – the 1.3 million new ransomware samples detected in Q2 2016 was the highest ever recorded since McAfee Labs began tracking this type of threat. Total ransomware has increased 128% in the past year
  • Mobile Malware – the nearly 2 million new mobile malware samples was the highest ever recorded by McAfee Labs. Total mobile malware has grown 151% in the past year
  • Macro Malware – new downloader Trojans such as Necurs and Dridex delivering Locky ransomware drove a more than 200% increase in new macro malware in Q2
  • Mac OS malware – the diminished activity from the OSX Trojan Gen adware family dropped new Mac OS malware detections by 70% in the second quarter
  • Botnet activity – Wapomi, which delivers worms and downloaders, increased by 8% in Q2. Last quarter's number two, Muieblackcat, which opens the door to exploits, fell by 11%
  • Network Attacks – Assessing the volume of network attacks in Q2, denial-of-service attacks gained 11% in the quarter to move into first place. Browser attacks dropped by 8% from Q1. These most prominent attack types were followed by brute force, SSL, DNS, Scan, backdoor and others
Follow us on: