Cyber-crooks shift focus from ransomware onto crypto-jacking

During 2017, cyber-criminals launched most attacks with ransomware such as NotPetya and WannaCry and netted dollars counting to millions as they victimized Web surfers.

Ransomware's main feature is encrypting data. Samples like CryptoMix, WannaCry, Ryuk and GandCrab bear the ability for encrypting contaminated discs and PCs, while also lock device contents as well as block computers from functioning appropriately. Hackers executing these malware contaminations make profit by demanding to be paid, generally in crypto-currency, while they would supply a key in exchange, for apparently decrypting the encrypted content.

IBM X-Force, the threat intelligence research and incident response wing belonging to IBM Security recently conducted a research, which showed that ransomware attacks declined rapidly during 2018 because cyber-crime syndicates moved to newer tactics for keeping away from security detections.

IBM X-Force Threat Intelligence Director Wendi Whitmore says, considering the decline of ransomware usage, the pivot from ransom software, as also the increase in personalized assaults- these trends together indicate the actual motivation for cyber-criminals as return-on-investment. There has begun reduction in value of PII (Personally Identifiable Information), while exploration is on for fresh illegal profit models. Currently, a most preferred item is computer systems' computing power whose usage helps mine crypto-currencies. Consequently, cyber-criminals are clandestinely compromisingconsumer devices and corporate networks for mining digital currencies, Whitmore analyzes. www.zdnet.com posted this, February 26, 2019.

Ransomware usage against business organizations has declined significantly, states the report, with IBM recording the only single prominent ransomware assault via a spam campaign that was distributed through the Necurs botnet throughout 2018. Overall, during Q4 2018, ransomware assaults dropped 45 percent compared to Q1 2018. In the
meantime, crypto-jacking assaults increased four-fold to 450 percent during the same period.

There are recommendations too for organizations that the report offers for enhancing preparedness via preventive schemes namely "threat hunting" meaning deliberately scanning endpoints as well as networks for sophisticated threats which bypass security systems. Lastly, the Threat Intelligence Index of IBM X-Force underlines adopting
remediation measures along with fulfilling incidence response. That's because some organizations even having mature security protocols mayn't be aware of the way for dealing with security incidents.

» SPAMfighter News - 3/1/2019