Cybersecurity firm Malwarebytes today announced its third annual State of Malware Report, which analyzes top malware threats from January through November 2018 and compares them with the same period in 2017. The report identifies a sharp increase in business-based malware detections, including a more than 100 percent increase in Trojan, riskware tool, backdoor and spyware activity. Overall, the research shows that cybercriminals see businesses as the best target with the highest returns.
— Malwarebytes (@Malwarebytes) January 24, 2019
Gavin Millard, VP of Intelligence at Tenable:
“We are seeing an uptick in malware simply because attackers know it works. Cybercriminals are unlikely to change their tactics given what’s working at the moment is going after the low-hanging fruit. While we might see malware variants increasing, be it a Trojan, riskware tool, backdoor or spyware, the way to nullify all is to patch the vulnerabilities they leverage.
The reality is that organisations are failing to practice basic cyber hygiene or address their Cyber Exposure, leaving known vulnerabilities unpatched and ready for exploit. However, that’s easier said than done. Enterprises must triage an ever-increasing number of critical vulnerabilities daily, with flaws favoured by attackers falling through the cracks.
Instead, we need to focus on the vulnerabilities that matter. Attackers love a Flash, Microsoft or WordPress flaw as, given the number of systems in use, the law of averages says that a weaponised exploit has a high probability of yielding results. Finding and fixing the flaws that pose the most risk (i.e. weaponised vulnerabilities) is critical to improving an organization’s Cyber Exposure.
The answer is there’s lots organisations can do to protect themselves from threats, so it’s not hopeless. When looking at the majority of recent breaches, nearly all can be traced back to either an exploitation of known vulnerabilities in unpatched systems (via either targeted or malware campaign), an abuse of authentication caused by poor identity management practices, or a combination of both.
To reduce the risk of a business-impacting cyber event occurring, organisations must focus on practicing the fundamentals of strong cybersecurity: they need to have good visibility into what assets are connected to their networks, determine where they’re vulnerable as this is the route an attacker is likely to take, implement robust two-factor authentication and then either patch or protect assets that matter.”