Risk Tips Issue #22: Cyber Attacks Trends /Way Forward
- Jan 22, 2018
- RIMAN, Check Point Tech.
Discussion on cyber risks cannot be over emphasized and that is why it is coming for the second time in a row. Being the topmost ranked risk in the just concluded year, it is therefore imperative to review why this has been on the rise, the consequences and preventive measures.
As evidenced by a worldwide attack on hospital and industrial systems that’s currently getting a lot of press, the number of systems being attacked using ransomware is on the rise. The attack in question uses the WannaCrypt ransomware based on WannaCry. And it brings up a good question: Is there a difference between ransomware and malware?
Ransomware is a subset of Malware. Malware attacks usually come in the form of a computer virus or worm. A virus piggybacks on something like a document, spreadsheet or e-mail, whereas a worm is a more active attack. It starts on a networked computer system and attempts to subvert one or more computers on the network. This used to be difficult when networked computers were limited in number and connectivity. These days, of course, the internet effectively links billions of devices.
Present-day malware typically consists of a combination of one or more viruses and worms. This allows the malware to remain hidden and spread itself among files on a host computer, as well as spreading to other computers. Malware tends to be specific to a platform like Windows, or even an application. This allows the malware to target specific security holes or improperly configured systems.
Ransomware differs primarily in its approach after a successful attack. Non-ransomware malware may simply be annoying or slightly malicious, deleting files or changing the system configuration (e.g. a screen background). More malicious malware may reformat a disk or corrupt files on the system. It may also remain hidden and communicate with a control system so it can be part of a distributed denial of service (DDOS) attack. In addition, malware may try to capture information from passwords and keystrokes to documents, and then forward this information to a control system.
Facts you need to know about cyber attacks
Every 24 seconds, a host accessed a malicious
Every 34 seconds, an unknown malware is
• Every minute, a bot communicated with its command
and control center.
• Every 5 minutes, a high risk application is used.
• Every 6 minutes, known malware is downloaded.
• Every 36 minutes, sensitive data are sent outside of the organization
There are many family of malware, we are
going to provide brief descriptions of few of them and
how they wreck havoc on their hosts.