McAfee today launches its quarterly McAfee Labs Threats Report revealing the latest trends in cyber threat growth. Since last quarter, the amount of new cyber threats found every second has doubled, with McAfee Labs detecting 478 new cyber threats every minute or 8 every second.
The report takes a detailed look at the latest tactics employed by criminal groups, reporting a clear diversifying of strategy with a move from traditional money makers such as ransomware, to the practice of hijacking Bitcoin and Monero wallets.
Alongside this, the report reveals the extent to which the healthcare sector is under attack. McAfee Labs found a 211% surge in disclosed security incidents against the healthcare industry, with many incidents caused by organisational failure to comply with security best practices or address known vulnerabilities in medical software.
Additional key findings include:
- Fileless malware leveraging Microsoft PowerShell grew 267% in Q4 2017
- New ransomware grew 35%; ending 2017 with 59% growth year over year
- New mobile malware decreased by 35%; infection rates remain highest in Asia
- NewMac OS malware samples increased by 24% in Q4; total Mac OS malware grew 243% in 2017
Nigel Hawthorn, Data Privacy Expert at McAfee commented below.
Nigel Hawthorn, Data Privacy Expert at McAfee:
“Our research reveals a 211% surge in disclosed security incidents against the healthcare industry last quarter. Healthcare organisations are a valuable target for cybercriminals who have set aside ethics in favour of profits, as they hold some very valuable personal data. Many incidents were caused by organisational failure to comply with security best practice or address known vulnerabilities in medical software.
“Given the complex requirements of the GDPR and its governance on where data goes, how it is shared and who can access it, businesses need to be prepared to take a holistic approach to GDPR compliance. Businesses must confidently understand GDPR compliance gaps and implement necessary controls to address them across all cloud services – including services like Office 365, Box, Salesforce and Slack, as well as custom applications running in public infrastructure-as-a-service platforms.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.