Crypto-Mining Malware on the Rise in 2018
In the first half of 2018, detections of crypto-mining malware skyrocketed by 96% compared to the entire previous year. Cyber-criminals are increasingly turning to more covert methods of making money, according to the latest report from Trend Micro.
Increased Threat Landscape
Trend Micro reported that it blocked over 20 billion threats in the first six months of this year. However, the landscape of cyber threats is evolving. There has been a decrease in new ransomware families discovered for the first time since 2005. Instead, attackers are employing crypto-jacking, fileless malware, macro malware, and small file malware techniques to avoid detection.
Statistics and Trends
There was a staggering 956% increase in cryptocurrency malware detections compared to the first half of 2017. Additionally, there was a 250% increase in detections of small file malware, specifically TinyPOS, compared to the second half of 2017. These findings are consistent with other research in the cybersecurity industry.
Check Point reported that the number of organizations affected by cryptojacking has doubled from just under 21% in the second half of 2017 to 42% in the first half of 2018. Cyber-criminals have reportedly made an estimated $2.5 billion over the past six months through these illicit activities.
Adapting to New Threats
Bharat Mistry, principal security strategist for Trend Micro, emphasized the importance of organizations evaluating and updating their defenses to combat the latest threats posed by cyber-criminals. The ever-changing tactics, tools, and procedures used by attackers require constant vigilance.
SCADA Vulnerabilities and Data Breach Reporting
Despite the implementation of the GDPR, data breach reporting remained consistent during the period. However, Trend Micro’s Zero Day Initiative reported a doubling of SCADA vulnerabilities in the first half of 2018 compared to the same period in 2017. Operators of Human Machine Interface (HMI) systems are advised to be vigilant against potential attacks as threat actors escalate their activities.
In total, the Zero Day Initiative published over 600 advisories in the first six months of 2018, highlighting the ongoing need for proactive cybersecurity measures.