Cryptojacking, Mobile Malware Growing Threats to the EnterpriseAt the same time, criminal organizations continue to look for new ways to attack their victims.
If exploits and malware were stocks and bonds, the third quarter of 2018 would have been a bull market.
That's the broad takeaway from Fortinet's Q3 2018 "Global Threat Landscape Report," which found malware, exploits, and threats all on the increase. From July through September, unique malware variants grew 43%, while the number of malware families grew by nearly 32%.
Despite those numbers, Anthony Giandomenico, senior security strategist/researcher at FortiGuard Labs, says cryptojacking is one of the more serious threats he's seeing. Giandomenico realizes that many researchers view crypto-jacking as more of an annoyance, but he sees two problems with that view.
"First, it got into your network. Next, a lot of crypto-jacking malware is bringing down your antimalware software, breaking holes in your firewall, communicating with C&C, and doing other malicious things," he explains.
In addition, "malware stuffing" will be a bigger problem as time goes on, he says. "You see crypto-jacking bundled with ransomware and other malware," Giandomenico says. "I think we'll see this loaded with other malware in the future." The reason for his view is simple: Crypto-jacking may not raise much in the way of revenue, but it's free money, adding a little bit to the criminal's coffers every day until it's discovered.
Another threat with rising impact is mobile malware. "A lot of the bad guys realize that the mobile device in users' hands is a computer just like the one at home or at work. Users let their guard down, and the bad guys are capitalizing on that," he says. The increase in mobile malware can be seen in obvious ways — for example, of the threats organizations faced from all attack vectors, 14% of total malware alerts were Android-related — and in ways that are more subtle.
"Some of the targeted spear-phishing attacks will wait until lunchtime, when the victim will be at lunch, on their mobile phone. Then they'll get the message that looks like it's from a trusted source," Giandomenico says, explaining that it can be much more difficult to fully vet an email message on a small mobile screen than on the screen attached to a desktop computer.
One piece of potentially positive news is that the percentage of encrypted network traffic continues to rise, hitting 72% in the third quarter, up from 55% a year earlier. While encryption makes legitimate traffic harder to intercept and steal, it also makes malicious traffic more difficult to analyze and block. Giandomenico says he's not terribly worried about the latter. "I think more organizations will leverage analytics and machine learning to detect problems in the traffic without getting inside the traffic itself," he adds.
Black Hat Europe returns to London Dec 3-6 2018 with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.
Curtis Franklin Jr. is Senior Editor at Dark Reading. In this role he focuses on product and technology coverage for the publication. In addition he works on audio and video programming for Dark Reading and contributes to activities at Interop ITX, Black Hat, INsecurity, and ... View Full Bio