Adware, cryptomining targeting Aussie businesses

Australia remains a prime target for cyberattacks ranking first across Asia-Pacific and in the global top ten for the most business threat detections per country last year, according to research.

The main threats for Australian businesses in 2018 were adware and cryptomining, according Malwarebytes’ State of Malware report.

This is a big reason to be concerned as many miners and adware families drop additional malware, modify system settings, slow down or use up computing power, or otherwise disrupt operations, the report said.

“The year 2018 was action-packed from start to finish,” said Malwarebytes Labs’ director, Adam Kujawa.

“It began with threat actors diversifying their cryptomining tactics, broadening their reach to Android, Mac and cryptomining malware; and experimenting with new innovations in browser-based attacks. The Asia-Pacific region was highly targeted by bad actors with five countries among the top 10 countries with most business malware detections globally.”

While cryptomining detections increased by only 7 per cent globally, there was an 1184 per cent increase year-over-year across Asia Pacific, the company said.

Threat actors seemingly abandoned all other forms of attack for experimentation in this new technique, spanning from desktop to mobile, Mac, Windows and Android operating systems and software and browser-based attacks.

Meanwhile, malware detections across the Asia-Pacific region increased by more than 270 per cent from 2017 to 2018. Malware authors changed focus in the second half of 2018 to target organisations over consumers, recognising that businesses provided by a bigger payoff, the report said.

The big year-on-year jump in malware incidents was primarily due to the increase in backdoors (5137 per cent), cryptocurrency miners (1184 per cent) and the use of exploits against their endpoints (3690 per cent).

The report also said that WannaCry infections are still spreading to unpatched endpoints and laterally moving across networks. The payload should be neutered, in a sense that the malware can install but won’t encrypt anything, the report said.

Malware attackers are continuing to shift methodologies to follow the payload, said Malwarebytes’ Asia Pacific managing director, Jeff Hurmuses.

“We saw evidence of this with a strong focus on attacking businesses with insecure and unpatched networks,” Hurmuses said.

“From massive data breaches to ransomware attacks, businesses are experiencing what consumers should have been dealing with, but on a larger scale.”

Follow CIO Australia on Twitter and Like us on Facebookhellip;Twitter: @CIO_Australia,Facebook: CIO Australia, or take part in the CIO conversation onLinkedIn: CIO Australia

Follow Byron Connolly on Twitter:@ByronConnolly

Copyright © 2019 IDG Communications, Inc.

Download CIO's Roadmap Report: 5G in the Enterprise