While ransomware attacks on consumers and businesses slowed down towards the fag end of 2017, they were replaced by spyware campaigns which rose by over 800 percent year-on-year.
Spyware campaigns not only allow hackers to steal precious enterprise and user data but also allow them to identify ideal attack points to launch powerful malware attacks.
Spyware attacks are on the rise for obvious reasons. With data emerging as among the most precious commodities in recent times, cyber-criminals have been attacking enterprise IT systems with increasing regularity to steal massive bundles of customer data.
In the first half of 2017, ransomware attacks were on the rise because cyber-criminals decided to earn quick money from enterprises themselves by locking out their data rather than relying on prospective buyers on the Dark Web for their revenues. Thanks to significant campaigns like WannaCry and Globelmposter, ransomware attacks increased by as much as 700 percent in the UK between July and September.
However, with Microsoft pushing out new patches to systems across the world and organisations rushing to upgrade their systems to prevent hackers from compromising legacy systems, ransomware attacks dropped sharply in the last three months of the year, thereby forcing hackers to look for other avenues.
While the number of cyber-attacks on enterprises and citizens remained almost constant throughout the year, the drop in the number of ransomware attacks was balanced by the sudden rise in the number of spyware attacks. According to Malwarebytes' latest Annual State of Malware Report, the total number of spyware detections rose by 882 percent in the UK, higher than anywhere else in the world.
'The upturn near the end of the 2017 matches with the jump and drop of ransomware detections during the same period. This is indicative of criminals diversifying their attack strategy to increase attack success by using different malware types,' Malwarebytes noted.
The firm added that new spyware variants come with two benefits. Firstly, they allow hackers to steal intellectual property from systems owned by enterprises and individuals, and secondly, they can be used to 'scout the corporate network, identifying the best possible attack points to launch more dangerous forms of malware'.
Even though the number of spyware detections hovered around 100,000 per month in the first half of the year, the number of detections increased markedly to stabilise around 150,000 per month between August and November, coinciding with the drop in ransomware detections in the same period.
Considering how successful they have been in recent months, hackers seem to be in no mood to let go of new spyware variants in the coming days. According to researchers at Malwarebytes, spyware campaigns against businesses are expected to rise significantly in 2018.
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout