Based on data from the first quarter of 2018, Positive Technologies analysts have identified a 32-percent increase in the number of unique cyber incidents compared to the equivalent period last year. Other findings include greater hacker interest in data and an increased use of malware in attacks, which has grown by 75% since Q1 2017.
As noted in the Positive Technologies report, CybersecurityThreatscape Q1 2018, data theft attacks are making up a larger share of the total (13 percent more than the 2017 average). In particular, hackers are seeking personal information and account credentials. "Attackers are planning to either use these credentials in future attacks or profit by selling this information on the black market," says Leigh-Anne Galloway, Cyber Security Resilience Lead at Positive Technologies.
Individuals were primarily victims of malware, which was used in five out of six attacks.
Galloway continues: "Our research shows that 63 percent of attacks included use of malware. Spyware, in particular, is used most often because it allows obtaining not only personal information and corporate secrets, but credentials for the services and systems needed to attack internal corporate infrastructure." Cryptocurrency miners (such as WannaMine and RubyMiner) accounted for 23 percent of malware attacks.
Attacks on government increased as well, making up 16 percent of the total in Q1 2018. The majority of these attacks involved spyware. Most often, malware was placed on government infrastructure by means of phishing emails. In March 2018, for example, the Positive Technologies Expert Security Center detected a phishing campaign making use of SANNY spyware against government targets.
Finance and banking tend to take the brunt of cyberattacks. In Q1, 64 percent of attacks on banks were aimed at direct financial gain. The remaining 36 percent targeted sensitive information, such as client balances.
Galloway shared a few predictions as well: “We expect that the number of unique cyberattacks will continue to grow. New types of malware, and especially spyware, will appear. Those behind phishing attacks will likely try to take advantage of interest in worldwide events also.”