Ransomware attacks continue to rise through the second quarter of 2016, with more than 18-million new malware samples discovered in the quarter. Trojans continue to dominate as the main delivery method of malware.
These are among the findings of PandaLabs’ latest report, which finds that the development and deployment of ransomware has become a lucrative business that is costing organisations across the globe billions each year.
Cybercrime is most often financially-motivated, the report finds, and cyber-criminals are using ransomware to extract money out of organisations across all industries.
Hackers tend to target organisations such as hospitals and financial service providers, as these organisations keep highly sensitive client information that can be sold at a high price on the black market.
A key takeaway in reviewing attacks is that payment of the ransom, which is often millions of dollars, does not guarantee the safe return of the breached data.
Point of sale (POS) attacks have increased and become more widespread due to the high price that credit card details collected from these devices fetch on the black market.
POS malware sample PunkeyPOS was presented in Q2, infecting more than 200 POS terminals in restaurants across the US alone, as well as infecting numerous terminals internationally.
In addition, hackers have now taken to directly targeting banks, successfully transferring funds from the banks using specially-developed malware.
Despite increased security measures Android-operated mobile devices have been heavily hit by malware this quarter, making them a dangerous ecosystem for users.
During the second quarter, the Internet of Things has continued to be a hot topic for numerous reasons. Connected devices now include fridges, TVs and cars, and with the increasing number of connected devices comes the increase risk of cyber-attacks.
Cyber-attacks do not only originate from private entities: in recent months it appears that cyber-attacks are the latest weapon governments are using to target their adversaries.
Although it is rare to find conclusive evidence that confirms the source of these attacks in some cases evidence has come to light. During the quarter, the US went on the offensive and acknowledged it is launching cyberattacks against ISIS. In addition, South Korea’s police department publicised knowledge of an attack from North Korea. This attack began over a year ago and focused on 140 000 computers belonging to government agencies and defence contractors. The attack was not discovered until February 2016.