McAfee Labs quarterly report reviews five-year threat retrospective


Intel has released its McAfee Labs quarterly threat report, revealing the key cyber-attack developments from the second quarter of 2015. The report provides a retrospective on threats from the last five years, an assessment of GPU malware and a look at techniques for exfiltrating data from corporate networks.

The developments prove to be a growing threat to businesses and consumers worldwide.

Ransomware continues to grow very quickly. The number of new ransomware samples rose 58 percent in Q2. The total number of ransomware samples grew 127 percent from Q2 2014 to Q2 2015. McAfee attributes the increase to fast-growing new families such as CTB-Locker, CryptoWall and others.

The total number of mobile malware samples grew 17 percent in Q2. Mobile malware infection rates decreased about one percent per region this quarter, except in North America, which dropped almost four percent, and Africa, which did not change.

The trend of diminishing botnet-generated spam volume continued through Q2. The Kelihos botnet stayed inactive. Slenfbot claimed the top rank, trailed closely by Gamut, and Cutwail came in third.

Every hour in Q2, more than 6.7 million attempts were made to lure McAfee customers into connecting to dangerous URLs via emails, browser searches, etc.

Every hour in Q2, more than 19.2 million infected files were exposed to McAfee customers' networks.

Every hour in Q2, an additional seven million potentially unwanted programmes (PUPs) attempted installation or launch on McAfee-protected networks.

McAfee Labs marks the five-year anniversary of the Intel-McAfee merger by comparing what researchers in 2010 expected would happen with what actually occurred in the world of hardware and software security threats. Key researchers and management reviewed their predictions on the security capabilities of silicon, the challenges of emerging hard-to-detect attacks and their 2010 expectations for new device types against the reality of today's marketplace.

Cyber-crime has moved from a world of minor criminal vandalism to a sophisticated, fully developed industry with suppliers, markets, service providers, financing and trading systems.

Serious broad-based attacks on mobile devices have grown much more slowly than predicted, even though the volume of devices has increased faster than expected.

Cloud adoption has changed the nature of some attacks. Devices are attacked not for the small amount of data that they can store, but as a path to where the important data lives.

The discovery and exploitation of core Internet vulnerabilities has shown how some foundational technologies are underfunded and understaffed.

Businesses and consumers still do not pay enough attention to updates, patches, password security, and other simple but crucial ways to secure cyber and physical assets.

The report also found a growing, positive alliance between the security industry, education, law enforcement and governments to take down cyber-criminal operations.

The report also dives into the details of three proofs-of-concept (PoCs) for malware exploiting GPUs in attacks. While nearly all of today's malware is designed to run from main system memory on the central processing unit (CPU), these PoCs leverage the efficiencies of specialised hardware components designed to accelerate the creation of images for output to a display. The scenarios suggest hackers will try to leverage GPUs for their raw processing power.

McAfee Labs also details methods cyber-criminals use to exfiltrate a wide variety of information on individuals from corporate networks: names, dates of birth, addresses, phone numbers, social security numbers, credit and debit card numbers, health care information, account credentials, and even sexual preferences. In addition to the tactics and methods used by attackers, this analysis examines attacker types, their motivations, and their likely targets, as well as the policies businesses should adopt to better detect exfiltration.

“We were impressed by the degree to which three key factors – expanding attack surfaces, the industrialisation of hacking, and the complexity and fragmentation of the IT security market – accelerated the evolution of threats, and size and frequency of attacks,” said Vincent Weafer, senior vice president, Intel Security's McAfee Labs. “To keep pace with such momentum, the cyber-security community must continue to improve threat intelligence sharing, recruit more security professionals, accelerate security technology innovation, and continue to engage governments so they can fulfill their role to protect citizens in cyber-space.”