cyber trends
New ransomware declined 12 % in Q1 ; total ransomware increased 32 % over the past four quarters .
Q1 2020 threat activity
• Malware overall . New malware samples slowed by 35 %; total malware increased 27 % over the past four quarters . New Mac OS malware samples increased by 51 %.
• Mobile malware . New mobile malware increased by 71 %, with total malware growing nearly 12 % over the past four quarters .
• Regional Targets . Disclosed incidents targeting the Americas increased 60 %, incidents targeting Asia-Pacific increased 27 %, while Europe decreased 7 %.
• Security incidents . McAfee Labs counted 458 publicly disclosed security incidents , an increase of 41 % from Q4 . A total of 50 % of all publicly disclosed security incidents took place in North America , followed 9 % in Europe . Nearly 47 % of all publicly disclosed security incidents took place in the US .
• Vertical industry targets . Disclosed incidents targeting the public sector increased 73 % individuals increased 59 %, education increased 33 %, and manufacturing increased 44 %.
• Attack vectors . Overall , malwareled disclosed attack vectors , followed by account hijacking and targeted attacks .
• Cryptomining . New coinmining malware increased 26 %. Total coinmining malware samples
On malicious files alone , we stopped well over a million files that were intended to infect / defraud its victims .
increased nearly 97 % over the past four quarters .
• Fileless malware . New JavaScript malware declined nearly 38 %, while total malware grew nearly 24 % over the past four quarters . New PowerShell malware increased 689 %; total malware grew 1,902 % over the past four quarters .
• IoT . New malware samples increased nearly 58 %; total IoT malware grew 82 % over the past four quarters .
We spoke to Raj Samani , McAfee Fellow and Chief Scientist , to gather his thoughts on the findings .
Were you surprised by the threat activity figures from Q1 2020 ?
The slow pick up was perhaps a little surprising , but really , from about mid- March , I don ’ t think the volume was that unexpected . Perhaps more surprising was the geographies that were targeted — for some time , the most targeted country for malicious files , using COVID as a lure , was Spain and that was unexpected .
Was there anything that could have been done differently to avoid victims ’ data being stolen ?
Well , all of the metrics we presented were stopped . In fact , on malicious files alone , we stopped well over a million files that were intended to infect / defraud its victims .
Why do you think attacks in the Americas increased , while those in Europe decreased ?
In part , the US generally is one of the territories that is targeted more often . However , we also have to consider that unlike many other countries , it does have relatively mature reporting , so any attacks / breaches themselves can be identified and counted .
How do you predict the findings to change , moving forward ?
The use of COVID as a lure is already fragmenting . We are now seeing attackers take advantage of some of the indirect consequence of the pandemic .
For example , attackers are using the economic situation to bait individuals into clicking on links to malicious sites , under the guise that they will be able to claim stimulus cheques . Also , with more of us streaming content to our homes , we are seeing an uptick in phishing lures claiming that accounts have been suspended . u
Raj Samani , McAfee Fellow and Chief Scientist
www . intelligentciso . com | Issue 31
21