According to a newly released report from security firm Trend Micro, in the first quarter of this year Australia held 6% of the world’s ransomware detections, with Australia and New Zealand both suffering from ransomware attacks as TorrentLocker attacks moved from market to market.
While the number of ransomware infections in Australia for consumers in Q1 against the previous quarter went down from 72% to 52%, infections for enterprises jumped from 16% to 28% in the quarter, and small businesses more than doubled from 6% to 14%.
“Ransomware is very much top of mind for IT managers in Australia and New Zealand as we see fresh campaigns from cybercriminals regularly,” said Dhanya Thakkar, managing director Trend Micro Asia Pacific.
According to Thakkar, a combination of newer and older threat variations defined the cybersecurity landscape in the first quarter of this year, and from an industry perspective, healthcare and retail point-of-sale systems have also seen an “uptick in threat activity”.
Thakkar says the Trend Micro report reinforces how complacency can present major cybersecurity risks in an era where “the margin for error has been significantly diminished”.
“Even though we are early in the year, it is clear 2015 is shaping up to be noteworthy in terms of volume, ingenuity and sophistication of attacks,” Thakkar warns.
“The rise in attacks against the healthcare industry, combined with the rise in malvertisements, reflects that technology users are being assailed from all angles. It is clear businesses and individuals alike need to be proactive in protecting against threats. An aggressive and different security posture is critical to keep financial, personal and intellectual property safe.”
Trend Micro reveals that the healthcare industry experienced a notable rise in cyber-attacks, in addition to iOSTM and point-of-sale (PoS) systems continuing to be targeted.
“Since exploitations in these areas have been in their infancy for several years, researchers believe this rise is primarily due to a lack of preparedness—a sizeable oversight that should be addressed,” Thakkar says.
The report also shows that Australia ranked second in the world for countries with the highest number of PoS RAM Scraper infections in Q1, with 10% of the world’s PoS RAM Scraper infections, after the US with 23%.
“The number of PoS-RAM-scraper detections more than doubled since we started tracking them last year, which could be attributed to improvements to existing PoS malware.
“PoS malware are going to be mainstays in the security industry just like scareware and ransomware. This is especially true for countries such as Australia and New Zealand where most people prefer cards over cash.”
“The question we have to ask is, ‘are we doing enough to protect ourselves from security threats?’” adds Thakker. “While we need to constantly update our systems to protect against new attacks, the first quarter of 2015 clearly showed we need to also watch out for older threats, and how no industry or system should feel exempt.”
On the threats to consumers, Tim Falinski, Consumer, Director, ANZ at Trend Micro, said, “Considering we’ve seen more than half the predicted Android threats for 2015 in Q1 alone, consumers need to be wary of underestimating the security threats their mobile devices expose them to.
“With Australian and New Zealanders being some of the most prevalent smartphone users in the world, we must remain vigilant and protect ourselves from these threats,” Falinski cautions.
Trend Micro also reveals that Australia ranked third in the world for countries that posted the highest number of users who clicked malicious URLs throughout the quarter, with 5% of the world’s malicious URL clicks.
And, we also ranked third in the world for countries with the highest number of command and control (C&C) server connections for Q1, with 5% of the world’s C&C server connections.
Adware topped the list of mobile threats, with Trend Micro now documenting more than five million Android threats to date — nearing the predicted total of eight million by the close of 2015. The report reveals that the top malicious and high-risk apps blocked by Trend Micro were adware related, reflecting the increase in threats.
Trend Micro researchers also found zero-day exploits targeting Adobe software utilised malvertisements and no longer required victims to visit or interact with malicious sites to become infected.
Key security issues reported by Trend Micro include:
• Healthcare industry hit by massive attacks: Major healthcare service providers, such as Premera Blue Cross and Anthem, suffered data breaches that exposed millions of customers’ financial and medical data
• Old threats invigorated with new targeted attack tools, tactics and procedures: Rocket Kitten and those behind Operation Pawn Storm set their sights on new targets, proving that targeted attacks are evolving
• Exploit kits grew in sophistication: Exploit kits constantly add new exploits to their arsenals, adding to their allure to expert and novice attackers. Australia ranked third in the world for countries most affected by exploit-kit-related attacks in Q1, with five percent of the world’s exploit-kit-related attacks
• Crypto-ransomware volume soared, expands to enterprises: Crypto-ransomware expanded their target base to enterprise users, no longer exclusively pursuing consumers
• Macro malware, old but still effective: The resurgence of macro malware suggest cybercriminals are taking advantage of user security complacency, through reliance on Microsoft Office® macro malware infections in Q1 2015, with five percent of the world’s macro malware detections
• Decade-Old FREAK security flaw brought on patch management challenges: As more vulnerabilities emerge in open source OSs and applications, IT administrators will find it increasingly difficult to mitigate risks.