Intelligent CIO Europe Issue 08 | Page 28

TRENDING of all malware slip past basic signature-based antivirus solutions due to various obfuscation methods. One way every organisation can become more secure against these sophisticated, evasive threats is to deploy defences enabled with advanced malware prevention like our APT Blocker service.” WatchGuard’s Internet Security Report offers in-depth insights on the top cyberthreats each quarter, along with defence recommendations SMBs can use to protect themselves. The findings are based on data from tens of thousands of active Firebox UTM appliances around the world. Here are the top takeaways from the Q1 2018 report. Cryptocurrency miners are on the rise “ Corey Nachreiner, Chief Technology Officer at WatchGuard Technologies SINCE PAST VERSIONS OF RAMNIT HAVE TARGETED BANKING CREDENTIALS, WATCHGUARD ADVISES ITALIANS TO TAKE EXTRA PRECAUTIONS WITH THEIR BANKING INFORMATION AND ENABLE MULTI- FACTOR AUTHENTICATION FOR ANY FINANCIAL ACCOUNTS. “While ransomware and other advanced threats are still a major concern, these new cryptominer attacks illustrate that bad actors 28 INTELLIGENTCIO are constantly adjusting their tactics to find new ways to take advantage of their victims. In fact, once again in Q1, we saw nearly half Several cryptocurrency miners appeared for the first time in WatchGuard’s list of the top 25 malware variants. Firebox appliances have a rule called Linux/Downloader, which catches a variety of Linux ‘dropper’ or ‘downloader’ programs that download and run malware payloads. Usually, these droppers download a wide range of malware but in Q1 2018, 98.8% of Linux/Downloader instances were trying to download the same popular Linux-based cryptominer. Evidence from Q2 so far indicates that cryptomining malware will stay on WatchGuard’s top 25 list and may even crack the top 10 by the end of the quarter. The Ramnit trojan makes a comeback in Italy The only malware sample on WatchGuard’s top 10 list that hadn’t appeared in a past report was Ramnit, a trojan that first emerged in 2010 and had a brief resurgence in 2016. Nearly all (98.9%) of WatchGuard’s Ramnit detections came from Italy, indicating a targeted attack campaign. Since past versions of Ramnit have targeted banking credentials, WatchGuard advises Italians to take extra precautions with their banking information and enable multi-factor authentication for any financial accounts. For the first time, APAC reports the highest malware volume In past reports, APAC has trailed EMEA and AMER in the number of reported malware hits by a wide margin. In Q1 2018, APAC received the most malware overall. The vast majority of www.intelligentcio.com