According to a new security report by Malwarebytes, Ransomware attacks were up ten-fold last year on the back of the WannaCry and NotPetya attacks. And the bad guys are spreading their resources with attacks using a number of there tools all on the rise. In short, it's been a bad 12 months for those protecting systems and threat actors have reaped a bumper crop.
According to the Malwarebytes report, ransomware is now the fifth most common attack method. But a number of other attacks were also on the rise over 2017.
- Ransomware (1000% increase)
- Hijacker (522% increase)
- Spyware (200% increase)
- Worms (50% increase)
And while adware saw a modest 15% increase in 2017 over 2016, it remains the most prevalent form of malware the security firm found.
Cryptojacking, where processor power is leached to mine cryptocurrencies, is a relatively new threat vector that emerged last year, with around 8 million drive-by attacks detected each day last September.
The primary motivation, according to the report, is financial gain but when criminals can't steal money directly, they will turn to data theft as a secondary target.
One of the keys here, I think, is the need to adjust threat detection to look for anomalous CPU activity. Cryptojacking will continue to be an new threat and it's unlikely it will be detected through the exfiltration of business data or other traditional logging. But unusual end-point processor use is a sure sign that some sort of cryptojacking is taking place.