Microsoft’s Security Intelligence Research Reveals Decline in Ransomware and Malware attacks in 2018 In Ireland, but Phishing and Weaponised Cryptocurrency Mining Remain as Prevalent Threats
May 2019 by Microsoft
Microsoft’s latest Security Intelligence Report (volume 24) for 2018, shows that there has been a major decline in Ransomware and Malware attacks, with Ireland having some of the lowest rates globally.
This is a significant change from 2017, following a prolific series of attacks, including NotPetya, WannaCrypt, amongst others that targeted supply chains globally. Initial predictions were that these would increase, however, improvements in cybersecurity measures and detection have impacted on the success rates of these attacks. In fact, there has been a 60% drop in Ransomware attacks globally between March and December 2018.
Malware attacks also saw a large drop globally over 2018, with Ireland reporting the lowest monthly malware encounter rate of 1.26%.
Hackers Pivot to Phishing and Cryptocurrency Mining
The report also reveals that hackers have pivoted to more covert means, with an increased focus on exploiting users through social engineering methods like phishing to gain access and exploit data. Phishing rates have increased with cybercriminals also covertly using victims’ compromised computers for Cryptocurrency Mining.
While Cryptocurrency Mining is not a new phenomenon, there has been an increase in its prevalence globally over the last year. In 2018, the average worldwide monthly Cryptocurrency coin mining encounter rate was 0.12%, compared to just 0.05% for Ransomware. Many factors contribute to the increased popularity of mining as a payload for malware. Unlike Ransomware, Cryptocurrency mining does not require user input, it works in the background, while the user is performing other tasks or is away from the computer and may not be noticed at all unless it degrades the computer’s performance sufficiently. Another driver is the availability of ‘off the shelf’ products for covert mining of many Cryptocurrencies, which cybercriminals repackage as malware to deliver to unsuspecting users’ computers. The weaponised miners are then distributed to victims using many of the same techniques that attackers use to deliver other threats, such as social engineering exploits, and drive-by downloads. After the mining software is installed, it runs in the background on victims’ computers to perform the blockchain computations, with the attacker reaping the rewards, which grow in value as the price of the Cryptocurrency increases. Ireland again saw some of the lowest encounter rates of Cryptocurrency Mining at 0.02%.
Phishing – whether through email, malvertising, or any other channel – exploits users who pay little attention to details and are likely to click on an email link or an ad, and enter sensitive information when prompted, compromising their security. The report by Microsoft noted that by adopting both public cloud tools and hosted servers, the attackers have been able to disguise themselves more easily so that they give the impression of legitimate products or services.
“While we have seen a welcome drop in ransomware and malware attacks, it would be a mistake to assume the level of cyber threat to Irish organisations has also decreased,” said Des Ryan, Solutions Director, Microsoft Ireland. “We are seeing major behavioural change amongst criminal hackers, who want access to a victim’s computer and an organisation’s network to access data, but also use their computing power to mine for cryptocurrency. This is about playing the long game and exploiting people’s lack of training and understanding when it comes to cybercrime. Microsoft’s analysts predict phishing will continue to be an issue for the foreseeable future for that reason.”
As part of its on-going efforts to drive better security for organisations, Microsoft invests $1bn each year in security, with 3,500 full-time security professionals working at Microsoft, it analyses more than 6.5 trillion signals daily, processes 630 billion authentications monthly and scans 470 billion e-mails for malware and phishing monthly.
Poor Irish Employee Security Habits Could See Potential Increases in Phishing Attacks
Recent research from Microsoft on private and public sector organisations in Ireland showed that 54% of respondents within large organisations reported receiving cyber security training once a year. Only 16% of employees have updated their passwords in the last 12 months in line with their organisation’s policies.
Passwords have become too easy to guess or steal. Nearly a quarter (22%) of employees in Ireland write down their passwords. 77% of employees rely on their memory for their work and personal passwords. When it came to their password hygiene, two in five recycle their work passwords, and 44% recycle their personal passwords. Over the course of a year, only half of those surveyed change their passwords quarterly, with the same number claiming to only update their passwords once a year or less. The research discovered that employees working from home are much more likely to engage in risky security activities that increase the potential for data loss.
Nearly half (49%) of those working from home at least once a week used their personal email account for saving, editing, sending, or sharing work-related documents. 24% revealed that they have accidentally shared work-related material with friends and family. The research found that one in three are allowed by their company to use their personal device for work purposes.
Microsoft Tips for Staying Safe Online
To help educate people on best practice for staying safe online, Microsoft has developed a free online resource that provides tips on how to minimise the risk from cyber criminals. This covers everything from how to strengthen computer defences, to training on how to act cautiously while using the web. It also provides information on the essentials for keeping computers free from viruses, spyware, and other malicious software, as well as how to avoid being tricked into downloading them in the first place.