Cryptojacking, Mobile Malware Growing Threats to the Enterprise

At the same time, criminal organizations continue to look for new ways to attack their victims.

If exploits and malware were stocks and bonds, the third quarter of 2018 would have been a bull market.

That's the broad takeaway from Fortinet's Q3 2018 "Global Threat Landscape Report," which found malware, exploits, and threats all on the increase. From July through September, unique malware variants grew 43%, while the number of malware families grew by nearly 32%.

Despite those numbers, Anthony Giandomenico, senior security strategist/researcher at FortiGuard Labs, says cryptojacking is one of the more serious threats he's seeing. Giandomenico realizes that many researchers view cryptojacking as more of an annoyance, but he sees two problems with that view.

"First, it got into your network. Next, a lot of cryptojacking malware is bringing down your antimalware software, breaking holes in your firewall, communicating with C&C, and doing other malicious things," he explains.

In addition, "malware stuffing" will be a bigger problem as time goes on, he says. "You see cryptojacking bundled with ransomware and other malware," Giandomenico says. "I think we'll see this loaded with other malware in the future." The reason for his view is simple: Cryptojacking may not raise much in the way of revenue, but it's free money, adding a little bit to the criminal's coffers every day until it's discovered.

Another threat with rising impact is mobile malware. "A lot of the bad guys realize that the mobile device in users' hands is a computer just like the one at home or at work. Users let their guard down, and the bad guys are capitalizing on that," he says. The increase in mobile malware can be seen in obvious ways — for example, of the threats organizations faced from all attack vectors, 14% of total malware alerts were Android-related — and in ways that are more subtle.

"Some of the targeted spear-phishing attacks will wait until lunchtime, when the victim will be at lunch, on their mobile phone. Then they'll get the message that looks like it's from a trusted source," Giandomenico says, explaining that it can be much more difficult to fully vet an email message on a small mobile screen than on the screen attached to a desktop computer.

One piece of potentially positive news is that the percentage of encrypted network traffic continues to rise, hitting 72% in the third quarter, up from 55% a year earlier. While encryption makes legitimate traffic harder to intercept and steal, it also makes malicious traffic more difficult to analyze and block. Giandomenico says he's not terribly worried about the latter. "I think more organizations will leverage analytics and machine learning to detect problems in the traffic without getting inside the traffic itself," he adds.

Curtis Franklin Jr. is Senior Editor at Dark Reading. In this role he focuses on product and technology coverage for the publication. In addition he works on audio and video programming for Dark Reading and contributes to activities at Interop ITX, Black Hat, INsecurity, and ...
