Q2 2018 statistics show 47 percent more incidents than in Q2 2017. Targeted attacks, at 54 percent, outnumbered mass campaigns.
Positive Technologies’ report Cybersecurity Threatscape Q2 2018, found that data theft is the objective of an increasing number of online attacks. The most attractive targets were personal data (30%) and credentials (22%), especially for online banking. To steal this data, attackers compromised a wide range of websites, including web stores, ticket vendors, and hotel booking services.
In May and June, a surge of attacks swept through cryptocurrency, affecting Verge, Monacoin, Bitcoin Gold, ZenCash, Litecoin Cash, and others. Attackers stole over $100 million in total. The number of these attacks in Q2 was over twice that in Q1 2018.
Although malware attacks became relatively less common (49% in Q2 compared to 63% in Q1), they still retain the top position for attack method. Attackers still find plenty of ways to incorporate leaked NSA exploits into their own malware. In one example, PyRoMine mining malware used the EternalRomance exploit (MS17-010) to steal computing power and create a hidden administrator account with remote desktop capabilities, setting the stage for subsequent attacks. At the same time, the popularity of other attack methods has increased significantly, for example, the exploitation of web vulnerabilities (18% in Q2 compared to 12% in Q1) and credential compromise (19% in Q2 compared to 7% in Q1).
The share of attacks on web resources has increased year-over-year (32% in Q2 2018 compared to 23% in Q2 2017). IoT devices were also hit by a larger percentage of attacks in comparison with Q1. Experts largely associate this increase with new botnets such as PyRoMineIoT, Muhstik, and Wicked Mirai.
Leigh-Anne Galloway, Cyber Security Resilience Lead at Positive Technologies, summed up the current situation: "Cyberattacks in Q2 victimized 765 million ordinary users to the tune of tens of millions of dollars. Today, you can never be sure that criminals don't have your credit card number from one source or another. Even when you buy a brand-new smartphone in a store, you can still end up getting pre-installed malware. The upward trend in data theft will likely endure. Many companies fail to properly secure information, making it easy for even low-skilled hackers to steal customer data. Once stolen, this data is often sold on the darknet, as detailed in our report on the criminal cyberservices market."