Malware has quickly emerged as the king of threats.
In a recent Bitglass study titled “Malware, P.I.”, nearly half of all organisations were found to be infected, with 44% of organisations revealed to have malware in at least one of their cloud apps.
Bitglass is a global cloud access security broker (CASB) and agentless mobile security company.
What’s more, astonishingly few anti-malware tools proved capable of detecting ShurL0ckr, a new, zero-day ransomware. Google Drive, Microsoft SharePoint and 93% of antivirus engines were unable to detect ShurL0ckr.
So far in 2018, ransomware like WannaCry has continued to spread, and Emotet has emerged as a leading, modular banking Trojan. Cloud cryptojacking is also on the rise.
Security experts are particularly concerned about the evolution of context-aware threats like the Rakhni Trojan, as well as the growth of ransomware-as-a-service. A context-aware threat installs malware best suited for the systems that it is infecting. For example, on computers that have cryptocurrency wallets already installed, Rakhni will deploy ransomware that encrypts the device and requires victims to pay a cryptocurrency ransom for decryption. Ransomware-as-a-service is where hackers offer ransomware platforms that inexperienced cyber criminals can use to hold data hostage.
The MS-ISAC Top 10 Malware refers to the top 10 new actionable event notifications of non-generic malware signatures sent out by the MS-ISAC Security Operations Center (SOC).
Dropped – Malware delivered by other malware already on the system, an exploit kit, infected third-party software, or manually by a cyber threat actor.
Malvertisement – Malware introduced through a malicious advertisement.
Multiple – Refers to malware that currently favours at least two vectors.
Malspam – Unsolicited emails, which either direct users to download malware from malicious websites or trick the user into opening malware through an attachment.
Network – Malware introduced through the abuse of legitimate network protocols or tools such as SMB or remote PowerShell.
Center for Internet Security, Inc. (CIS®) is a forward-thinking, non-profit entity that harnesses the power of a global IT community to safeguard private and public organisations against cyber threats.