Malwarebytes Labs, an internet security company focused on malware detection and prevention, released its Cybercrime Tactics and Techniques Report for Q1 2019. The report provides hard data into the malware attack ecosystem. In a blog post on the company’s website, director Adam Kujawa said the main takeaway is a large increase between attacks since 2018.
“Consumers might breathe a sigh of relief seeing that malware targeting them has dropped by nearly 40 percent, but that would be short-sighted,” he said. “Consumer data is more easily available in bulk from business targets, who saw a staggering 235 percent increase in detections year-over-year. Cybercriminals are using increasingly clever means of attack to get even more value from targets through the use of sophisticated Trojans, adware and ransomware.”
Results of Malwarebytes Labs’ March Data Survey
Malwarebytes Labs collected the data for the report by surveying 4,000 respondents, across 66 countries, about the privacy of their data. Questions included respondents’ use of personal data online, propensity to run frequent software updates, knowledge of app permissions, and more.
Statistical highlights from the report include:
- 650% increase in the number of businesses that fell victim to the Emotlet trojan
- 195% increase in the number of ransomware attacks against corporate targets
- 60% increase in the number of malware attacks against Mac computers
Attacks Against Businesses Rise
One of the key takeaways from the report is the shift in fraudster focus. In the past, the majority of attacks occurred against individuals and private interests. However, it appears that is no longer the case. Increasingly, the main target is corporate assets.
“Malware authors pivoted in the second half of 2018 to target organizations over consumers, recognizing that the bigger payoff was in making victims out of businesses instead of individuals,” the report said. “Overall business detections of malware rose significantly over the last year—79 percent to be exact—and primarily due to the increase in backdoors, miners, spyware, and information stealers.”
In addition, the report specifies the threat is not contained to large corporations alone. In fact, fraudsters also now make use of vulnerabilities in EternalBlue and EternalRomance to target SMBs as well.