sb-as logo
Story image

Check Point's latest threat research taken from data you can see in real time

21 Aug 2017

Check Point has taken the latest results from its Cyber Attack Trends: Mid Year Report from data that viewers can see happening right in front of their eyes.

Along with the report, the company has released its new research platform, Check Point Research, which shares information about the threat landscape, trends and original research.

The report found that across APAC, the RoughTed and Fireball malware have been creating havoc at 22.8% and 18% respectively.

APAC also featured the highest rate of infections from the notorious WannaCry malware, accounting for 29% - the highest incident of infections compared to global statistics. The Locky and Cryptowall ransomware both totalled 15% of APAC attacks.

The Zeus malware was behind 40% of banking breaches and 18% were due to Ramnit.

The report notes four major breaches in Asia Pacific this year: In the first, McDonald’s India app McDelivery leaked personal data belonging to 2.2 million customers.

In March, Japanese payment processing provider GMO Payment Gateway leaked personal and financial data from the Tokyo Metropolitan Government and the Japan Housing Finance Agency.

In April, Melbourne IT suffered a massive DDoS attack that took 500,000 websites offline for an hour and a half.

Also in April, a hacker took over Australian-based company Atlassian’s group chat platform HipChat. The hacker was able to steal personal details such as names, emails, hashed passwords and chat room metadata.

The statistics for the global report were also formulated from Check Point’s ThreatCloud World Cyber Threat Map between January and June 2017. The threat map shows live detections of different malware types across the globe, including the originating attack country, target country, and type of malware.

As of this morning, the threat map found that out of 4.1 million breaches so far today, Russia, Italy, USA and Singapore were the top attack countries. Russia, India, Colombia and the USA were the top target countries.

“Organisations are struggling to effectively counteract the abundance of threats now in play. Hackers are making malware more sophisticated, and so the ability for unskilled hackers to inflict damage has risen dramatically,” comments Check Point’s Threat Intelligence Group manager, Maya Horowitz.

Ransomware attacks in EMEA (Europe, Middle East and Africa) have also doubled since this time last year, from an average of 26% to around 48% of the three main attack categories.

Check Point’s research also points to an increase in macro-based downloaders over the past six months. Microsoft Office files can now be exploited without the need for macros.

Two methods include disguised weaponised RTF files and also XML data in PowerPoint presentations.

Mobile malware across APAC covered a range of threats – 63% was classed as ‘other’ while Hummingbad (8%), Hiddad (7%), Lotoor (6%) Ztorg (6%) Bosuoa (5%) and Rootnik (4%) rounded out the rest of the top threats.

Globally, ‘other’ mobile malware accounted for 57% of threats while 10% were identified as Hiddad attacks.

“With all the cyber threats in circulation, many organisations still do not have the right security defences in place, and are focusing on a detection approach rather than implementing a proactive prevention solution that would block the attacks in the first place,” Horowitz concludes.

Story image
Microsoft top targeted brand by cyber criminals in Q4 2020
In Q4, 43% of all brand phishing attempts related to Microsoft (up from 19% in Q3), as threat actors continued to try to capitalise on people working remotely during the COVID-19 pandemic’s second wave. More
Story image
IT professionals destroying end-of-life hardware over fears of data breaches - report
IT directors are destroying end of life tech hardware as opposed to erasing its data out of fear of making a mistake and facing data breaches.More
Story image
Users pay with personal data - Kaspersky on WhatsApp move to share data with Facebook
"Nothing is truly free, and, unfortunately, the current business model for free services means that, essentially, we pay with our data."More
Story image
Fortinet promises free cybersecurity training until skills gap trend reverses
"We are committed to continue offering the entire catalogue of self-paced Network Security Expert training at no cost until we see the skills gap trend reverse."More
Story image
Emotet remains leading malware in global threat index
The malware has impacted 7% of organisations globally, following a spam campaign which targeted more than 100,000 users per day during the holiday season.More
Story image
Palo Alto Networks advances attack surface management with Expanse
"By integrating Expanse's attack surface management capabilities into Cortex after closing, we will be able to offer the first solution that combines the outside view of an organisation's attack surface with an inside view to proactively address all security threats."More