Cybercrime is becoming increasingly democratised - and not in a good way.
According to the second instalment of Check Point’s 2019 Security Report, the tools and services used to commit cybercrime have become well-managed with advanced attack methods now readily available to anyone willing to pay for them as part of the surging ‘malware-as-a-service’ industry.
“The second instalment of our 2019 Security Report shows how cyber-criminals are successfully exploring stealthy new approaches and business models, such as malware affiliate programs, to maximise their illegal revenues while reducing their risk of detection,” says Check Point Software Technologies chief marketing officer Peter Alexander.
“But out-of-sight shouldn’t mean out-of-mind: Even though cyberattacks during 2018 have been lower-profile, they are still damaging and dangerous.”
There were many highlights of the report, which included:
Cryptominers have been actively digging undetected on networks, having infected 10x more organisations than ransomware in 2018. However, only one in five IT security professionals were aware their company’s networks had been infected by mining malware. 37 percent of organisations around the world were affected by cryptominers in 2018, while 20 percent continue be hit every weel despite an 80 percent decline in cryptocurrency values.
Organisations are underestimating the threat risk of cryptominers, as just 16 percent stated cryptomining when asked what they rated as the biggest threat to their organisation - compared with phishing with 66 percent, ransomware with 54 percent, data breaches with 53 percent, and DDoS attacks with 34 percent. Check Point says this is concerning as cryptominers can easily act as stealth backdoors to download and launch other types of malware.
There has been a significant rise of malware-as-a-service, as the GandCrab Ransomware-as-a-Service affiliate program shows how amateurs can now profit from the ransomware extortion business as well. Users are able to keep up to 60 percent of the ransoms collected from victims, while the developers keep up to 40 percent. GandCrab has over 80 active affiliates, and within two months in 2018 had infected over 50,000 victims and claimed between US$300,000 and $600,000 in ransoms.
“By reviewing and highlighting these developments in the Report, organizations can get a better understanding of the threats they face, and how they prevent them impacting on their business.”