Story image

Cybercrime tools and services becoming increasingly democratised

07 Feb 2019

Cybercrime is becoming increasingly democratised - and not in a good way.

According to the second instalment of Check Point’s 2019 Security Report, the tools and services used to commit cybercrime have become well-managed with advanced attack methods now readily available to anyone willing to pay for them as part of the surging ‘malware-as-a-service’ industry.

“The second instalment of our 2019 Security Report shows how cyber-criminals are successfully exploring stealthy new approaches and business models, such as malware affiliate programs, to maximise their illegal revenues while reducing their risk of detection,” says Check Point Software Technologies chief marketing officer Peter Alexander.

“But out-of-sight shouldn’t mean out-of-mind: Even though cyberattacks during 2018 have been lower-profile, they are still damaging and dangerous.”

There were many highlights of the report, which included:

  • Cryptominers have been actively digging undetected on networks, having infected 10x more organisations than ransomware in 2018. However, only one in five IT security professionals were aware their company’s networks had been infected by mining malware. 37 percent of organisations around the world were affected by cryptominers in 2018, while 20 percent continue be hit every weel despite an 80 percent decline in cryptocurrency values.

  • Organisations are underestimating the threat risk of cryptominers, as just 16 percent stated cryptomining when asked what they rated as the biggest threat to their organisation - compared with phishing with 66 percent, ransomware with 54 percent, data breaches with 53 percent, and DDoS attacks with 34 percent. Check Point says this is concerning as cryptominers can easily act as stealth backdoors to download and launch other types of malware.

  • There has been a significant rise of malware-as-a-service, as the GandCrab Ransomware-as-a-Service affiliate program shows how amateurs can now profit from the ransomware extortion business as well. Users are able to keep up to 60 percent of the ransoms collected from victims, while the developers keep up to 40 percent. GandCrab has over 80 active affiliates, and within two months in 2018 had infected over 50,000 victims and claimed between US$300,000 and $600,000 in ransoms.

“By reviewing and highlighting these developments in the Report, organizations can get a better understanding of the threats they face, and how they prevent them impacting on their business.”

Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
Facebook fights fake news ahead of Africa elections
“We also show related articles from fact-checkers for more context and notify users if a story they have shared is rated as false.”
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.