In the current threat environment, no one is surprised at the announcement that a new malware sample has emerged. Infections and data breaches have become so common that many business leaders know that it’s no longer about if an attack will take place, but when. And in light of recent findings by top security and communication organizations, it’s clear that this is a good approach to take.
According to a report from Symantec, over 317 million new malware samples were uncovered in 2014. This translates to almost one million never-before-seen threats being released into wild on a daily basis.
New malware: Exploiting old vulnerabilities
Research findings revealed that there were certain types of malware that were seen more often than others, including attacks on the mobile platform and phishing schemes. However, the vast majority relied on the fact that many enterprises don’t keep their critical systems up to date.
According to CNN Money contributor Virginia Harrison, in 90 percent of attacks last year, hackers leveraged old vulnerabilities that already had patches available – some of which were discovered as early as 2002. Some samples exploited a weakness in IT remote management, a flaw that was first uncovered in 1999. Many of these attempts were successful because companies hadn’t yet addressed the vulnerabilities in their infrastructures, despite the fact that many of these weaknesses were more than a decade old.
“While it seems like a no brainer [to] fix some of these things, organizations care more about making widgets,” noted Verizon security data scientist Bob Rudis. “They just don’t have the manpower or time.”
Attack styles: Extortion and social media
While many samples leveraged older flaws, some hinged on newer technology. For example, the report noted that ransomware attacks – a newer attack style that has emerged in the last few years – increased 113 percent last year. Ransomware samples lock users out of their files and demand payment before information is decrypted.
In addition, researchers noticed a rise in digital scams relating to social media, including those using posts with malicious links. Hackers have also been known to leverage information publicly available in individuals’ social media profiles to create more custom, targeted attacks, such as those involved in phishing schemes. When messages are addressed to a specific person and appeal to their interests, there is a greater chance for infection.
Data breaches: Targeted attacks continue
The report also found increased data breaches resulting from targeted attacks. In these instances, hackers know what they’re after, and pinpoint a specific business to exploit in order to gain access to the information they want. According to the report, five out of six large enterprises were the target of cybercriminal activity last year, representing a 40 percent increase from 2013.
In addition, researchers discovered that certain industrial sectors were more likely to be attacked than others. Last year, for example, there were a rising number of attacks on organizations in the mining industry, as well as the energy sector.
Malware samples: Easier to create than ever
Digital Trends noted that more malware samples were created between 2013 and 2014 than in the past decade combined. Contributing to this historic rise in threats is the fact that malware is now easier to engineer than ever before.
“No matter what it’s designed to do, from the cybercriminal’s perspective, not only can deploying malware on the Internet be lucrative, but nowadays it has become easy and effective,” Digital Trends contributor William Harrel wrote. “Today’s would-be hackers can purchase (and sometimes download for free) malware code to perform specific tasks. A ne’er-do-well doesn’t need advanced programming experience to spread, infect, steal and destroy.”
This also streamlines the process for creating custom samples – a hacker can take an existing infection and tailor it with available malicious code to establish a completely new threat.
Spreading fast: Less than 2 minutes from release to infection
Not only are malware samples being created quicker than ever, infections are also spreading like wildfire. Harrison reported that a malicious email campaign, for example, takes only an average of 82 second before it claims its first victim. This also makes malware creators more confident in their samples, encouraging repeat offenses.
“[W]hen hackers successfully break into a particular type of company – like a bank or movie studio – they’ll use the same method to attack another firm in that industry within 24 hours,” Harrison wrote.
More victims, higher costs
As malware permeates businesses in nearly every sector, the costs related to these incidents continue to rise. Digital Trends noted that cybercrime cost the U.S. $38 billion in 2013, and reached $143 billion last year. What’s more is that these price tags are predicted to increase even further, costing businesses an estimated $2 trillion by 2019.
Security researcher James Moar told Security Magazine that many malware authors will continue to leverage the strategies that have worked well in the past as opposed to entering into new territory.
“Currently, we aren’t seeing much dangerous mobile or IoT malware because it’s not profitable,” Moar said. “The kind of threats we will see on these devices will be either ransomware, with consumers’ devices locked down until they pay the hackers to use their devices, or as part of botnets, where processing power is harnessed as part of a more lucrative hack. With the absence of a direct payout from IoT hacks, there is little motive for criminals to develop the required tools.”