Anti-phishing solution provider PhishMe has published its 2016 Malware Year in Review – An analysis of the changing threat landscape throughout the year. The report shows that ransomware was the main growth area and had the biggest impact on businesses in 2016, although hackers still pose a major threat and are focused on stealing data from organizations.
“In addition to focusing on the ‘smash and grab’ of ransomware, threat actors also continue to quietly infiltrate the target’s environment, thus making it increasingly important to detect malware during the delivery phase,” said PhishMe Co-founder and Chief Technology Officer Aaron Higbee.
For the report, PhishMe analyzed more than 2,500 phishing attacks and identified the tools, techniques and tactics used by cybercriminals to spread malware. PhishMe points out in the report that while ransomware has become much more prevalent, cybercriminals are also using other forms of malware to steal private information. Ransomware may be making the headlines, but silent malware is still a major threat. These malware infections can remain undetected for long periods allowing cybercriminals to steal vast quantities of highly sensitive data.
Malware allows cybercriminals to spy on companies and identify their assets and ability to pay ransoms. When all useful data has been obtained, ransomware is deployed. This tactic allows criminals to adjust ransom payments and maximize profits.
The report also shows that the tactics use by cybercriminals to deliver malware and ransomware have changed, with lightweight scripts now favored such as JavaScript, VB and office macros instead of more traditional and cumbersome delivery tools. Scripts and macros are highly adaptable and are now harder to detect, resulting in more malicious emails being delivered to end users.
PhishMe’s research has also shown that cybercriminals are becoming more adept at evading detection and are now using advanced anti-analysis techniques and better obfuscation to avoid detection by security products.
“As threat actors continue to alter their techniques to circumnavigate modern security filters, a different approach in security is needed to prevent cyberattacks from unfolding. Organizations must work toward building a sound phishing defense program that empowers its staff to spot and report suspicious-looking correspondence before it is too late,” explained Higbee.
PhishMe’s 2016 Malware Year in Review can be downloaded on this link.