Cryptomining Replaces Ransomware as Most Popular Cybercrime Malware
Analysis of vulnerability and threat trends shows cryptomining malware dominates threat landscape in the first half of 2018
SAN JOSE, Calif., July 18, 2018 (GLOBE NEWSWIRE) -- Skybox® Security, a global leader in cybersecurity management, announced today the release of its mid-year update to the Vulnerability and Threat Trends Report which analyzes vulnerabilities, exploits and threats in play. The report, compiled by the team of security analysts at the Skybox® Research Lab, aims to help organizations align their security strategy with the reality of the current threat landscape.
The mid-year update explores trends observed from January to June of 2018. One of the most significant findings is the replacement of ransomware as the cybercriminal tool of choice with cryptomining malware. In the last six months of 2017, ransomware accounted for 32 percent of attacks, while malicious cryptominers accounted for seven percent. By the first half of 2018, the figures had switched almost exactly: malicious cryptominers accounted for 32 percent of attacks while ransomware dropped to eight percent.
"In the last few years, ransomware reigned supreme as the shortcut money-maker for cybercriminals," said Ron Davidson, Skybox CTO and vice president of R&D. "It doesn't require data exfiltration, just encryption to hold the data hostage and a ransom note of how the victim can pay up. With cryptominers, the criminals can go straight to the source and mine cryptocurrency themselves. There's no question of if they'll be paid or not."
Cryptomining uses the computational power of compromised assets to create new blocks in the blockchain of like Bitcoin and Monero. The malicious or unauthorized cryptomining approach indeed avoids several of the drawbacks of ransomware:
- The victim doesn't need to be notified of the attack in order to pay the ransom, so it can continue indefinitely in a stealth manner
- Cryptocurrency can be mined over long-periods of time, rather than the cybercriminal receiving a single lump-sum ransom payment
- There is no decision of payment on the part of the victim - the attack itself controls how much money will be generated.
"Ransomware received a lot of attention in years past, especially thanks to the likes of WannaCry, NotPetya and BadRabbit," said Skybox Director of Threat Intelligence Marina Kidron and leader of the Research Lab behind the report. "To some extent, organizations took note and put effective precautions in place, ensuring they had reliable back-ups and even thwarting attackers with decryption programs. So cybercriminals found - in cryptomining- a path of lesser resistance. The recent uptick in value of cryptocurrencies also made this an incredibly profitable attack option."
Other findings in the report appear to relate to this rise in cryptomining. Internet and mobile vulnerabilities made up nearly a third of all new vulnerabilities published in the first half of 2018. Google Android had by far the most vulnerabilities during that time period, exceeding the tally of the next five most vulnerable vendors combined. Android also logged 200 more vulnerabilities than it did in the second half of 2018. Malicious cryptomining has found an advantage in targeting the app store of the global market leader in mobile devices, with billions of potential targets worldwide.
Browser-based malware is also on the rise in the first half of 2018. "Out of all software today, web browsers are considered the most prone to malicious attacks," said Kidron. "They constantly interact with websites and applications that cybercriminals have infected with malware like cryptominers and other threats via the web, which are notoriously difficult to detect. The cryptomining malware could be active as long as the web session is active, and 'file-less' cryptominers also can hide from conventional security tools as there's no download or attachment to analyze."
No matter the payload, attackers looking to exploit vulnerabilities have more resources than ever. Not only are dark web market places rich with attack tools and services, and criminal forums ripe with information, vulnerabilities themselves have skyrocketed. New vulnerabilities catalogued by MITRE's National Vulnerability Database doubled in 2017 over the previous year, and 2018 looks to be on track to shatter even that record. The 2017 surge and continued elevated numbers is largely due to organizational improvements at MITRE and increased security research by vendors and third-parties, including vendor-sponsored bug bounty programs. But no matter the reason, organizations have to employ smarter and faster ways to find the signal in the noise and mitigate vulnerability risks before they're used in an attack.
Skybox recommends establishing a threat-centric vulnerability management (TCVM) program to adapt to these changes in the threat landscape and those yet to come. The TCVM approach helps security practitioners focus on the small subset of vulnerabilities most likely to be used in an attack by incorporating vulnerability and threat intelligence with the context of their assets, network and security controls. This way, remediation is targeted at the greatest areas of risk while leveraging all response options - patching as well as network-based changes.
About Skybox Research Lab
The Skybox Research Lab is team of security analysts who daily scour data from dozens of security feeds and sources as well as investigate sites in the dark web. The Research Lab validates and enhances data through automated as well as manual analysis, with analysts adding their knowledge of attack trends, cyber events and TTPs of today's attackers. Their ongoing investigations determine which vulnerabilities are being exploited in the wild and used in distributed crimeware such as ransomware, malware, exploit kits and other attacks exploiting client- and server-side vulnerabilities.
For more information on the methodology behind the Skybox Research Lab and to keep up with the latest vulnerability and threat intelligence, visit www.vulnerabilitycenter.com.
About Skybox Security
Skybox provides the industry's broadest cybersecurity management platform to address security challenges within large, complex networks. By integrating with 120 networking and security technologies, the Skybox® Security Suite gives comprehensive attack surface visibility and the context needed for informed action. Our analytics, automation and intelligence improve the efficiency and performance of security operations in vulnerability and threat management and firewall and security policy management for the world's largest organizations.
© 2018 Skybox Security, Inc. All rights reserved. Skybox Security and the Skybox Security logo are either registered trademarks or trademarks of Skybox Security, Inc., in the United States and/or other countries. All other trademarks are the property of their respective owners. Product specifications subject to change at any time without prior notice.
Director of Brand and Communications
408-205-1618 | Tawnya.email@example.com
OneChocolate for Skybox Security
United Kingdom: Daniel Couzens
+44 (0)20 7437 0227 | DanielC@onechocolatecomms.co.uk
Germany: Melanie Grasser
+49 (0)89 3888 920 10 | MelanieG@onechocolatecomms.de
France: Xavier Delhôme
+33 1 41 31 75 09 | firstname.lastname@example.org
A photo accompanying this announcement is available at http://www.globenewswire.com/NewsRoom/AttachmentNg/8c26e3be-8dd4-457a-b19b-becd7c28c469
The issuer of this announcement warrants that they are solely responsible for the content, accuracy and originality of the information contained therein.
Source: Skybox Security via Globenewswire
Följ NASDAQ OMX
Abonnera på våra pressmeddelanden.
Senaste pressmeddelandena från NASDAQ OMX
Immunicum AB (publ) Announces Appointment of Pawel Kalinski and Inge Marie Svane to Scientific Advisory Board17.9.2018 08:00 | Pressmeddelande
Press Release 17 September 2018 Immunicum AB (publ) Announces Appointment of Pawel Kalinski and Inge Marie Svane to Scientific Advisory Board Immunicum AB (publ; IMMU.ST) announced today the appointment of leading oncology experts to its Scientific Advisory Board with the addition of Pawel Kalinski, MD, PhD, Vice Chair for Translational Research within the Department of Medicine at Roswell Park Comprehensive Cancer Center, and Inge Marie Svane, MD, PhD, Professor, Head of the Clinical Cancer Research programme, Faculty of Health Sciences, University of Copenhagen, Director, Centre for Cancer Immunotherapy (CCIT), and consultant in Oncology, Herlev University Hospital. Both Scientific Advisory Board members will serve as a strategic resource to Immunicum as the company continues to advance the clinical development of its lead product, ilixadencel. "We are honored to have such highly specialized experts in the field of immuno-oncology and cell therapy join our Scientific Advisory Board a
Immunicum AB (publ) meddelar att Pawel Kalinski och Inge Marie Svane har valts in i det vetenskapliga rådet17.9.2018 08:00 | Pressmeddelande
Pressmeddelande 17 september 2018 Immunicum AB (publ) meddelar att Pawel Kalinski och Inge Marie Svane har valts in i det vetenskapliga rådet Immunicum AB (publ; IMMU.ST) meddelade i dag att två ledande immun-onkologiska experter har valts in i bolagets vetenskapliga råd för att fungera som strategiska resurser för Immunicum under bolagets fortsatta kliniska utveckling av sin ledande produkt, ilixadencel. Pawel Kalinski, MD, PhD, vice ordförande för translationell forskning vid den medicinska institutionen vid Roswell Park Comprehensive Cancer Center, och Inge Marie Svane, MD, PhD, professor, chef för det kliniska cancerforskningsprogrammet på medicinska fakulteten vid Köpenhamns universitet, chef för Center för cancerimmunterapi (CCIT) samt överläkare inom onkologi, Herlevs universitetssjukhus har valts in i rådet. - Vi är hedrade att ha experter med specialistkompetens inom området immunonkologi och cellterapi i vårt vetenskapliga råd, vilka kan erbjuda ytterligare vägledning när det
Hoylu AB: HOYLU HIRES NEW CTO, SATOSHI NAKAJIMA AND ANNOUNCES EXPANSION INTO JAPAN14.9.2018 08:30 | Pressmeddelande
Malmo, Sweden, September 14, 2018 - Hoylu, a leading enterprise collaboration company, announced today Satoshi Nakajima will join Hoylu in the newly created position, as Chief Technology Officer and President of Hoylu Japan. Nakajima will guide the strategic technology direction and innovation of Hoylu while also leading the new Hoylu office in Tokyo, Japan. "Satoshi is a visionary and world-class technologist who has substantial experience in delivering world class innovations. He is joining the Company as we are extending our reach and expanding into Japan," said Stein Revelsby, CEO. "Satoshi's extensive experience in strategy and delivering technology that support a great user experience will make an immediate impact on the company." Nakajima will serve as President of Hoylu Japan and will report to Stein Revelsby. His leadership will strengthen customer relations and help develop new business among emerging and established Japanese companies while strengthening the global position
Hoylu AB: HOYLU ANSTÄLLER SATOSHI NAKAJIMA SOM NY CTO OCH EXPANDERAR TILL JAPAN14.9.2018 08:30 | Pressmeddelande
Malmö, Sverige, 14 september 2018 - Hoylu, ett ledande företag inom samarbetsmjukvara för företagsmarknaden annonserar idag att Satoshi Nakajima tar anställning som CTO (Chief Technology Officer) och President för Hoylu Japan. Nakajima kommer styra den strategiska inriktningen för företagets produkter och leda innovationsarbetet. Han kommer också leda Hoylus nyöppnade kontor i Tokyo, Japan. Satoshi är en visionär teknologiexpert som har stor erfarenhet av att skapa innovativa lösningar. Han kommer till Hoylu samtidigt som vi utökar marknaden till att även täcka in Japan säger Stein Revelsby, VD. "Satoshis långa och gedigna erfarenhet i strategiska frågor och tekniska lösningar med fokus på användarupplevelse kommer få stor betydelse för oss." Nakajima kommer även att bli President för Hoylu Japan och kommer rapportera till Stein Revelsby. Hans ledarskap kommer stärka existerande kundrelationer och utveckla nya affärer på den japanska marknaden och samtidigt bidra till att flytta fram p
LeoVegas AB: LeoVentures invests in esports betting - Pixel.bet13.9.2018 08:45 | Pressmeddelande
The LeoVegas Group, through its wholly owned investment company LeoVentures Ltd, has acquired 51% of the shares in Pixel Holding Group Ltd, which runs the esports betting operator Pixel.bet. The investment amounts to EUR 1.5 million for 51 percent of the company and is made through a new issue. Pixel.bet's vision is to create the greatest gaming experience in betting on esports www.pixel.bet "Esports is an international and fast-growing area that engages millions of viewers and players every month. With this investment in Pixel.bet we as a Group will gain unique insight into a new and fast-growing segment," comments Gustaf Hagman, LeoVegas' Group CEO and co-founder of LeoVegas Mobile Gaming Group. "In Pixel.bet we have found a passionate team of entrepreneurs who come from the esports community. With its strong technology and mobile-first gaming experience, Pixel.bet is a perfect match for the LeoVegas Mobile Gaming Group. Together we will drive development for the absolute premier exp
LeoVegas AB: LeoVentures investerar i esport betting - Pixel.bet13.9.2018 08:45 | Pressmeddelande
LeoVegas-koncernen har, genom sitt helägda investmentbolag LeoVentures Ltd förvärvat Pixel Holding Group Ltd, som driver esport betting operatören pixel.bet. Investeringen uppgår till 1,5 miljoner euro för 51 procent av bolaget och görs genom en nyemission. Pixel.bets vision är att skapa den främsta spelupplevelsen inom betting på esport www.pixel.bet "Esport är ett internationellt och snabbt växande område som engagerar miljontals tittare och utövare varje månad. Med investeringen i Pixel.bet får vi som koncern en unik inblick i ett nytt och snabbt växande segment.", säger Gustaf Hagman, Group CEO och co-founder av LeoVegas Mobile Gaming Group. "I Pixel.bet fann vi ett passionerat entreprenörsteam som verkligen kommer inifrån esport communityn. Med en riktigt bra teknik och spelupplevelse utvecklad mobile-first är det en perfekt match med LeoVegas Mobile Gaming Group. Tillsammans ska vi driva utveckling för den absolut främsta upplevelsen inom esport betting.", säger Robin Ramm-Ericso
I vårt pressrum kan du läsa de senaste pressmeddelandena, få tillgång till pressmaterial och hitta kontaktinformation.Besök vårt pressrum