Signalling massive threat to cyber and personal security
Cyber criminals are rapidly adding cryptojacking to their arsenal and creating a highly profitable new revenue stream, as the ransomware market becomes overpriced and overcrowded, according to Symantec’s latest Internet Security Threat Report, released today.
“Cryptojacking is a rising threat to cyber and personal security,” said Mike Fey, president and COO, Symantec. “The massive profit incentive puts people, devices and organizations at risk of unauthorized coinminers siphoning resources from their systems, further motivating criminals to infiltrate everything from home PCs to giant data centers.”
Symantec’s ISTR provides a comprehensive view of the threat landscape, including insights into global threat activity, cyber criminal trends and motivations for attackers. The report analyses data from the Symantec Global Intelligence Network™, the largest civilian threat collection network in the world which tracks over 700,000 global adversaries, records events from 98 million attack sensors worldwide and monitors threat activities in over 157 countries and territories. Key highlights include:
- Cryptojacking attacks explode by 8,500% with the UK ranked as the fifth highest country worldwide with a staggering 44,000% increase in coinminer detections
- IoT devices continue to be ripe targets for exploitation with a 600% increase in overall IoT attacks in 2017
- Business-savvy cyber criminals price ransomware for profit by lowering the average ransom cost to $522 (less than £374) and signalling that ransomware has become a commodity.
- Implanted malware grows by 200%, compromising software supply chain – hijacking software updates provides attackers with an entry point for compromising well-guarded networks.
- Mobile malware continues to surge with the number of new mobile malware variants increasing by 54% and 63% of grayware apps leak the device’s phone number
- Majority of targeted attackers use single method to infect victims. 71% of all targeted attacks started with spear phishing – the oldest trick in the book – to infect their victims
“Attackers could be co-opting your phone, computer or IoT device to use them for profit,” said Darren Thomson, CTO and VP EMEA at Symantec. “People need to expand their defenses or they will pay for the price for someone else using their device.”