Ransomware remains a major threat with attacks using Locky and Cryptowall both increasing by 10 percent in November compared with the previous month.
The latest report from threat prevention specialist Check Point based on its Global Threat Index shows the number of active malware families and number of attacks remain close to an all-time high thanks to continued relentless attacks on business networks.
Conficker retained its position as the world’s most prevalent malware, responsible for 15 percent of recognized attacks. Second-placed Locky, which only started its distribution in February of this year, was responsible for six percent of all attacks and third-placed Sality was responsible for five percent of known attacks. Overall the top ten malware families accounted for 45 percent of all known attacks.
“Ransomware attacks are still growing in volume for a simple reason — they work, and generate significant revenues for the attackers”, says Nathan Shuchami, head of threat prevention at Check Point. “Organizations are struggling to effectively counteract the threat posed by this insidious attack form; many simply don’t have the right defenses in place, and may not have educated staff on how to recognize the signs of a potential ransomware attack in incoming emails. This, of course, only makes it even more attractive to criminals”.
Away from ransomware, the Ramnit banking Trojan saw the largest increase in attacks globally in November, entering Check Point’s top 10 ranking for the first time as the sixth most common malware. It more than doubled its number of infections since last October, and was mainly seen in Turkey, Brazil, India, Indonesia and the US. Ramnit is used to steal banking credentials, FTP passwords, session cookies and personal data.
The UK was the 48th most attacked country globally (up sharply from 81st in October), higher than the US (87th) and Germany (85th) and France (82nd). Mobile malware families continued to pose a significant threat to businesses. The three most common mobile families being the HummingBad Android malware, the Triada backdoor and the Ztorg Trojan.
You can see real time attack data based on Check Point’s ThreatCloud intelligence platform on the company’s website.
Photo credit: Bacho / Shutterstock