In the third quarter of 2016, all signs indicate that cybercrime is here to stay, in fact attacks continue to become more frequent and destructive. Over the quarter, Panda Security captured 18-million new malware samples, more than 200 000 samples daily.
The company says that cybercrime continues to grow at an exponential rate, fuelled by the opportunity for large financial rewards.
This quarter saw Ransomware mature, with new variants of successful malware such as Locky, and the development of a model known as Ransomware-as-a-Service (RaaS), whereby developers create Ransomware for distributors, these distributors then target and infect victims – allowing both parties to achieve greater profits.
Another key development was the occurrence of DDoS attacks. Notable DDoS attacks in Q3 include that of Cyber Security journalist Brian Krebs. Krebs uncovered vDoS – a business offering DDoS attack services – that lead to the arrest of its key members. Subsequently, Krebs’ site became the victim of a massive DDoS attack that saw Google step in to restore the site. As one of the largest attack of its kind, hackers leveraged IoT devices to send 620Gb of data per second – at its peak – to the site. Although this particular attack was motivated by revenge, similar attacks this quarter have been highly profitable, earning criminals up to R 8.6-million.
The Gaming world took a big hit, as cyber-attacks targeted multiple gaming sites, gaining access to millions of users’ personal information. These attacks were largely launched using botnets composed of smartphones, and effected users of Overwatch, World of Warcraft and Diablo 3. Further attacks saw more than 3.5-million users exposed when Dota 2 and mobile game Clash of the Kings were targeted. These highlight just a few incidences in the Gaming world in the last 3 months.
The Banking sector remains a target for hackers as attacks on ATM’s, POS terminals and Bitcoin wallets continue to become more frequent and more advanced.
A Taiwanese ATM attack this quarter indicated just how advanced cybercriminals have become when they were able to hack the banks internal network and withdraw over R28-million without even touching the ATM itself.
POS terminals continue to become victims of new versions of malware variant PunkeyPOS – affecting thousands of terminal in the US alone.
Another big victim was Yahoo – one of the biggest attacks of its kind revealed this quarter indicated that 500-million user accounts had been comprised in a 2014 attack.
Finally, Q3 saw the largest Bitcoin robbery to date, when R 84-billion worth of Bitcoin was stolen by hackers.
“There is no doubt in our minds that cybercrime will continue to grow and evolve at a rapid rate in the next quarter and beyond,” Panda says. “We have already seen some instances of the dangers IoT can bring and this is likely to increase as IoT becomes more integrated into our daily lives. From TV’s and Fridges to Cars – anything with an Internet connection can become a threat, particularly as many IoT devices do not currently have sufficient protection from cyber criminals’ activities.
“It is imperative that we alert ourselves to these threats and ensure we have the best protection in place,” the company says.