Businesses struggling to keep up with latest wave of malware attacks
Companies have been struggling for years to keep cyber-attacks at bay. Cyberthieves are working faster than ever before to send out their malicious attacks, and it’s become increasingly difficult for companies to keep up.
CNN reports that almost one million malware strains are released every day. In 2014, more than 300 million new types of malicious software were created. In addition to new forms of malware, hackers continue to rely on tried and true bugs because many companies simply haven’t found a fix or haven’t updated their systems to mitigate the threats.
In almost 90% of these cases, the bugs have been around since the early 2000s, and some go back to the late 1990s. The irony here is that companies can protect themselves and create patches for these bugs, but there tends to be a lack of effort and resources when it comes to getting the job done.
Some industries are targeted more than others. After hackers get information from these companies, such as proprietary data, they attempt to sell the information on the black market.
Cyberattacks are spreading quickly, and it takes almost no time after an email is sent for a victim to fall for the scheme. When a hacker is successful at breaking into a certain type of company, such as a bank or insurance firm, they will typically use the same exact method to quickly attack another company in the same industry.
New and improved cyber attacks
While old methods of cyber-attack can still be effective, it is the new scams that users should be nervous about. Here are some examples:
- Social media scams
Social media scams work and cybercriminals just love them because the people being scammed do most of the work. Cybercriminals release links, videos or stories that lead to viruses, and people share them with their friends because they are cute, funny or eye-raising. These tend to spread quickly because people feel as if they are safe.
Hackers may also use a practice known as “likejacking” to scam people on social media. In this case, they will use a fake “like” button that tricks people into installing malware. The programs then post updates on the user’s wall or newsfeed to spread the attack.
- Software update attacks
Hackers are also focusing on more selective attacks. For example, a hacker may hide malware inside of a software update. When a user downloads and installs the update, the virus is set free.
These attacks, where thieves steal or lock files on a person’s computer and then demand a ransom for access, climbed more than 110% in the last year alone. Once infected, the only way to regain access to the files is to pay a fee, usually between $300 and $500, for a decryption key.
How can you mitigate insider threats? Tune into the Carbonite webinar that I’ll be hosting live on Wednesday, March 15th at 11 am ET, to learn how. Register here: http://go.carbonite.com/security-threat/blog.
Consultant Robert Siciliano is an expert in personal privacy, security and identity theft prevention. Learn more about Carbonite’s cloud and hybrid backup solutions for small and midsize businesses. Disclosures.