Australia records 6 per cent of global ransomware detections

Australia recorded the second highest number of ransomware detections worldwide in Q1 this year, with 6 per cent of total detections, according to Trend Micro’s Q1 threat roundup.

The roundup report, Bad ads and zero-days: re-emerging threats challenge trust in supply chains and best practices, found the number of ransomware infections that occurred in Australia and New Zealand in Q1 jumped from 16 per cent to 28 per cent for enterprises since the previous quarter, and small businesses from 6 per cent to 14 per cent.

Specific threats

The threats were made up of combination of newer and older threat variations. Users from Australia and New Zealand fell victim to TorrentLocker attacks, which inched their way from market to market.

Crypto-ransomware, usually exclusive to consumers, expanded their target base to enterprise users, with subsequent soars in attack volume.

Australia ranked third in the world for the highest number of users who clicked malicious URLs throughout the quarter (5 per cent), according to the report.

Exploit kits have been constantly adding new strategies to their arsenals, while Australia ranked third in the world for countries most affected by exploit-kit-related attacks in Q1, also 5 per cent.

Old threats have been invigorated with new targeted attack tools, tactics and procedures, including the likes of Rocket Kitten and Operation Pawn Storm.

A resurgence of macro-malware suggested cyber-criminals are taking advantage of user security complacency, through reliance on Microsoft Office defaults, Trend Micro researchers said.

Australia ranked fifth in the world for countries with the highest number of macro-malware infections in Q1 2015, again with 5 per cent of the world’s macro-malware detection.

The decade-old FREAK security flaw brought on patch management challenges, challenging IT administrators with more vulnerabilities in open source OSs and applications.

Australia ranked second in the world for countries with the highest number of PoS RAM Scraper infections in Q1, with 10 per cent, after the US with 23 per cent, which could be due to improvements to existing PoS malware, according to Trend Micro.

Massive attacks on healthcare

From an industry perspective, healthcare saw massive attacks, as well as iOS devices, Adobe software users and retail point-of-sale (PoS) systems, which have seen an uptick in threat activity.

Major healthcare service providers, such as Premera Blue Cross and Anthem, suffered data breaches that exposed millions of customers’ financial and medical data.

Since exploits in these areas have been in their infancy for several years, the report suggested this rise was primarily due to a lack of preparedness.

No industry exempt

“Ransomware is very much top of mind for IT managers in Australia and New Zealand as we see fresh campaigns from cyber-criminals regularly,” said Dhanya Thakkar, managing director at Trend Micro Asia Pacific.

“Even though we are early in the year, it is clear 2015 is shaping up to be noteworthy in terms of volume, ingenuity and sophistication of attacks.”

Thakker said the rise in attacks against the healthcare industry and the use of malvertisements reflected that technology users are being assailed from all angles.

“The question we have to ask is, ‘are we doing enough to protect ourselves from security threats?’

“While we need to constantly update our systems to protect against new attacks, the first quarter of 2015 clearly showed we need to also watch out for older threats, and how no industry or system should feel exempt.”