Ransomware doubled in second half of 2016, says Check Point

Key malware trends

According to the report, Check Point researchers identified three key trends during the second half of 2016, with the first being the monopoly in the ransomware market.

According to Check Point researchers, thousands of new ransomware variants were observed in 2016. In recent months, they witnessed a change in the ransomware landscape as it became more and more centralised, with a few significant malware families dominating the landscape.

The second main trend that emerged was DDoS attacks via IoT devices.

In August 2016, the infamous Mirai botnet was discovered. It attacks vulnerable internet-enabled digital devices such as video recorders (DVR) and surveillance cameras, turning them into bots and using the compromised devices to launch multiple high-volume distributed denial of service (DDoS) attacks.

Check Point researchers said it is now clear that vulnerable IoT devices are in use in almost every home, and massive DDoS attacks that are based on exploiting these devices will persist.

The third trend that came to light was the prevalence of new file extensions used in spam campaigns.

The most prevalent infection vector used in malicious spam campaigns throughout the second half of 2016 was downloaders based on the Windows Script engine (WScript).

Downloaders written in JavaScript (JS) and VBScript (VBS) dominated the mal-spam distribution field, together with similar yet less familiar formats such as JSE, WSF, and VBE, the report revealed.
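For mail administrators, the extension list above translates directly into an attachment check. The following is an added example, not code from the report or from Check Point: it walks a message's attachments, looks inside zip archives, and flags the five script formats the report names. The function names and the sample message are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Formats named in the report; Windows Script Host runs all of them on double-click.
WSCRIPT_EXTS = {".js", ".jse", ".vbs", ".vbe", ".wsf"}


def is_wscript_name(name: str) -> bool:
    # Match the final extension so a decoy name like "invoice.pdf.js" is caught.
    name = name.lower().rstrip(". ")
    return any(name.endswith(ext) for ext in WSCRIPT_EXTS)


def find_script_attachments(raw: bytes) -> list[str]:
    """Return flagged attachment names; zip members appear as 'archive!member'.
    An archive that cannot be opened is flagged too, for manual review."""
    hits = []
    msg = message_from_bytes(raw, policy=policy.default)
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if is_wscript_name(name):
            hits.append(name)
        elif name.lower().endswith(".zip"):
            data = part.get_payload(decode=True) or b""
            try:
                with zipfile.ZipFile(io.BytesIO(data)) as zf:
                    hits += [f"{name}!{m}" for m in zf.namelist() if is_wscript_name(m)]
            except zipfile.BadZipFile:
                hits.append(f"{name}!<unreadable archive>")
    return hits


def build_sample() -> bytes:
    """Constructed message: a benign PDF, a zip holding a .wsf, and a decoy .JS."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("scan_0042.wsf", "<job></job>")
        zf.writestr("readme.txt", "hello")
    msg = EmailMessage()
    msg.set_content("See attached.")
    msg.add_attachment(b"%PDF-1.4", maintype="application", subtype="pdf", filename="invoice.pdf")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="docs.zip")
    msg.add_attachment(b"//", maintype="application", subtype="octet-stream", filename="Receipt.PDF.JS")
    return msg.as_bytes()


if __name__ == "__main__":
    print(find_script_attachments(build_sample()))
```

A name-based check like this only covers the delivery formats listed in the report; it does not inspect file contents or nested archive types other than zip.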

“The report demonstrates the nature of today’s cyber environment, with ransomware attacks growing rapidly,” said Maya Horowitz, threat intelligence group manager at Check Point.

“This is simply because they work, and generate significant revenues for attackers. Organisations are struggling to effectively counteract the threat,” she said.

According to Horowitz, many organisations do not have the right defenses in place, and may not have educated their staff on how to recognise the signs of a potential ransomware attack in incoming emails.

“Additionally, our data demonstrates that a small number of families are responsible for the majority of attacks, while thousands of other malware families are rarely seen,” she said.
