Asia Pacific region sees 1000% increase in Ransomware

Malwarebytes 1

Malwarebytes recently released a security research report analyzing the top malware threats for 2017 in the world. The Malwarebytes Cybercrime Tactics and Techniques: 2017 State of Malware Report shows sharp increases in malware-based cybercrime, including ransomware, banking Trojans, spyware, adware, cryptocurrency miners and others were detected across all victims.

Globally, the study reveals a 90 percent increase in ransomware attacks for businesses and consumers, becoming the fifth-most detected threat. In Asia Pacific, ransomware (1000% increase), hijacker (522% increase), spyware (200% increase), and worms (50% increase), all increased from 2016.

Key findings for Asia Pacific include:

  • Ransomware detections in Singapore increased over 95% from 2016.
  • Global ransomware attacks from WannaCry, Globelmposter, Locky, and Cerber played major roles in the surge in ransomware attacks in 2017, globally.

Malware had a substantial effect on businesses.

  • Malware detections in business in Singapore steadily increased, totaling a 14% increase year-on-year.
  • Hijacker detections remained in line with 2016 until August 2017 when detection numbers soared for Asia Pacific with a 566% increase.
  • While 2017 began the year with less spyware, the second half of the year ended with 3 times the number of detections in Asia Pacific.

Jeff Hurmuses, Area Vice President and Managing Director, Asia Pacific, Malwarebytes said, “It’s clear that cybercriminals are becoming more strategic as they pick the most effective form of attack. While Asia Pacific hasn’t been a major target in the past, the data we are seeing leads us to believe that ransomware, worms, and spyware attacks will become a major threat in the region. It’s crucial that companies, particularly in the healthcare and education sectors, stay ahead of these threats, familiarize themselves with cybercriminals’ methodologies and tactics, and replace their outdated security systems before they become a victim of an attack.”

Globally, the report reveals significant changes in cybercriminal methodology, including:

Ransomware was tool of choice for cybercriminals in 2017

Ransomware against consumers increased 93% while ransomware against businesses is up 90%. The monthly rate of ransomware attacks increased up to 10 times the rate of 2016, with September 2017 having the largest volume of ransomware attacks against businesses ever documented.

What cybercriminals can’t hold for ransom, they will steal

Hijackers, adware and riskware tools top 3 detections against businesses (in order). The second half of the year marked an average of 102 percent increase in banking Trojan detections. Hijackers rose nearly 40% year over year, moving this threat to the most common threat detected against businesses in 2017.

Increase in the malicious use of crypto-miners

Alongside a sudden cryptocurrency craze, bad actors have started utilizing cryptomining tools for their own profit, using victim’s personal computers in the process. This includes a significant increase of miners through compromised websites, malicious spam, exploit kit drops and adware bundlers. Malwarebytes blocked an average of 8 million drive-by mining attempts per day in September 2017.

To better understand how cybercriminals are evolving their threats and tactics, Malwarebytes researchers analyzed security threat telemetry from January 2016 to November 2017. Data was also obtained from Malwarebytes’ internal honeypots and collection efforts to identify not only infection, but also malware distribution. The report finds significant increases in the volume of threats against both businesses and consumers and details the most interesting and impactful methods of malware creation and distribution in all of 2017.