The first quarter of 2020 proved that malware attacks can be carried out in any environment. We have seen threat actors develop new tools and techniques to attack corporate assets stored on cloud infrastructure, individuals' mobile devices, trusted third-party applications, and popular mail platforms.
2020 New Malware Trends
Ransomware is one of the most prevalent types of malware attack in 2020. Collaborations between threat actors enabled even more destructive attacks that paralyzed many organizations around the world. The ransomware infection is the final stage of such an attack, which usually starts with a quieter sequence of bot infections.
While still visible, cryptominers are in decline. Only 21% of organizations around the world were affected by cryptominer attacks this year, compared to 42% at the peak in 2018. This was the result of the closure of the ‘CoinHive’ drive-by mining service.
Public and government attention was drawn to software supply chain attacks. In these attacks, threat actors inject malicious code into legitimate applications, which results in a large number of victims. Due to the number of cases that have been reported since the beginning of this year, the American government has taken special notice of this threat and will soon issue official recommendations to reduce the impact of such attacks.
These are just three of the major cyber trends for 2019, but they will still be very relevant in 2020.
Targeted ransomware, which was popular in 2018, has proven effective in 2019. There is no shortage of targeted, destructive ransomware attacks hitting the headlines every week. One of the most prominent attack vectors uses Emotet's large victim base and distribution to select lucrative targets: Emotet spreads TrickBot within compromised corporate networks, and TrickBot in turn deploys Ryuk or other ransomware as the final payload. Any organization can be affected by targeted ransomware, including industrial corporations, airports, and local government agencies.
Cryptominers remain in use despite the fact that the notorious drive-by mining site ‘CoinHive’ was shut down in March, which led to a decline in their popularity among threat actors. To keep cryptominers profitable in 2019, threat actors have adopted a new approach: they now target more lucrative targets than consumer PCs and design more robust operations. There are many new victims, including factories, powerful servers, and even cloud resources. As if that wasn't enough, they have even integrated cryptominers into a DDoS botnet to make side profits.
DNS attacks target the Domain Name System (DNS), one of the most important mechanisms governing the internet. DNS is responsible for resolving domain names into their corresponding IP addresses and is an integral part of the internet trust chain. These attacks target DNS providers, name registrars, and the local DNS servers of the targeted organization, and are based on manipulation of DNS records. DNS takeovers can compromise the entire network and enable multiple attack vectors, including control of email communications and redirection of victims to phishing sites. DNS attacks also offer attackers a further advantage: whoever controls a domain's DNS records can obtain legitimate-looking certificates, because Certificate Authorities rely on DNS to verify that the requester is the legitimate holder of the domain.
This is why the Department of Homeland Security and the Internet Corporation for Assigned Names and Numbers issued warnings about the potential danger to this critical component of the Internet infrastructure. DNS attacks can lead to large-scale attacks on government, internet and telecommunications infrastructures.
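Because these attacks work by manipulating DNS records, a defender can catch them by comparing what is currently published against a known-good baseline. The sketch below is an added example, not part of the original article; the domain names, record values and the `RISK` mapping (including the choice to watch CAA records) are constructed for illustration.

```python
# Added example: detect DNS record drift against a known-good baseline.
# All names and values are constructed (reserved documentation ranges).

# Why each record type matters, following the consequences named in the text.
RISK = {
    "NS": "delegation changed: the whole zone may be under outside control",
    "MX": "mail routing changed: email may be intercepted",
    "A": "address changed: visitors may be redirected to a phishing site",
    "CAA": "CA restriction changed: unexpected certificates may be issued",
}

def normalize(value):
    """DNS names are case-insensitive and may carry a trailing dot."""
    return value.strip().lower().rstrip(".")

def diff_records(baseline, observed):
    """Return findings (rtype, change, value, risk) for every drifted record."""
    findings = []
    for rtype in sorted(set(baseline) | set(observed)):
        want = {normalize(v) for v in baseline.get(rtype, [])}
        got = {normalize(v) for v in observed.get(rtype, [])}
        risk = RISK.get(rtype, "unreviewed record type changed")
        findings += [(rtype, "added", v, risk) for v in sorted(got - want)]
        findings += [(rtype, "removed", v, risk) for v in sorted(want - got)]
    return findings

# Constructed baseline, as recorded when the zone was last reviewed.
BASELINE = {
    "NS": ["ns1.example.net.", "ns2.example.net."],
    "MX": ["10 mail.example.com."],
    "A": ["192.0.2.10"],
    "CAA": ['0 issue "ca.example.org"'],
}
# Constructed observation; in practice this would be filled from live
# queries to the authoritative servers and several public resolvers.
OBSERVED = {
    "NS": ["NS1.EXAMPLE.NET", "ns2.example.net"],  # same servers, cosmetic only
    "MX": ["10 mx.example.org."],
    "A": ["198.51.100.7"],
}

if __name__ == "__main__":
    for rtype, change, value, risk in diff_records(BASELINE, OBSERVED):
        print(f"[{rtype}] {change}: {value} ({risk})")
```

Case and trailing-dot differences are normalized away so that only real changes to delegation, mail routing, addresses or certificate policy raise a finding.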
Data breaches by malware are on the rise
Malware, or malicious code, is any code that is designed to cause harm. It includes a variety of malicious programs such as viruses, Trojan horses, and spyware. Cybercriminals use malware to steal your data or to take control of your system and spy on you, for example by recording your passwords or other sensitive information.
According to Accenture, the average cost of malware attacks on organizations is $2.6 million annually. With more workers working remotely than ever before, data breaches from malicious software, attachments and phishing scams have increased exponentially. Malwarebytes reports that malware attacks on businesses increased 13% between 2018 and 2019. There were 9.6 million attacks detected in total between 2018 and 2019.
(Malwarebytes State Of Malware 2020)
Most organizations are infected when a user downloads a file, usually disguised as an attachment or email link, that allows malicious code to access the network. There are many ways to combat an attack once it is detected. However, in the case of malware, prevention is better than cure. Malware attacks can cause data breaches and brand trust losses that can cost thousands of dollars.
It’s easy to see why Epsilon is the most expensive data breach.