Tuesday, 13 March 2018 00:00

McAfee's latest Threats Report shows 8 new cyber threats every second, novel techniques abound


Cyber security company McAfee reports "record surge in health care attacks, fileless malware, and cryptocurrency mining", with 59% year-over-year ransomware growth, growth in new Mac OS malware yet a 35% decrease in new mobile malware, and plenty more.

Cataloguing "478 new cyber threats every minute, meaning eight every second", McAfee Labs' new Threats Report 2018 shows cyber criminals embrace novel techniques and schemes to capture new revenue streams.

The detailed 19-page report is available for free download, without additional registration for once, with a detailed infographic compiled from the report embedded at the end of this article.

Here are some highlights from the report:

  • Health care experiences 211% increase in disclosed security incidents in 2017
  • Fileless malware leveraging Microsoft PowerShell grows 267% in Q4 2017
  • Cyber criminals follow the money into cryptocurrency mining
  • New ransomware grows 35%; ends 2017 with 59% growth year over year
  • New mobile malware decreases by 35%; infection rates are highest in South America
  • New Mac OS malware samples increase by 24% in Q4; total Mac OS malware grows 58% in 2017
  • Disclosed incidents rose 42% in Oceania in 2017, falling 33% in Q4

The McAfee Labs Threats Report: March 2018 examines "the growth and trends of new malware, ransomware, and other threats in Q4 2017".

The company states that it "saw on average eight new threat samples per second, and the increasing use of fileless malware attacks leveraging Microsoft PowerShell. The Q4 spike in Bitcoin value prompted cybercriminals to focus on cryptocurrency hijacking through a variety of methods, including malicious Android apps".

Raj Samani, McAfee fellow and chief scientist, said: "The fourth quarter was defined by rapid cybercriminal adoption of newer tools and schemes: fileless malware, cryptocurrency mining, and steganography. Even tried-and-true tactics, such as ransomware campaigns, were leveraged beyond their usual means to create smoke and mirrors to distract defenders from actual attacks.

"Collaboration and liberalised information-sharing to improve attack defenses remain critically important as defenders work to combat escalating asymmetrical cyber warfare."

Each quarter, McAfee Labs reminds us that it "assesses the state of the cyber threat landscape based on threat data gathered by the McAfee Global Threat Intelligence cloud from hundreds of millions of sensors across multiple threat vectors around the world. McAfee Advanced Threat Research complements McAfee Labs by providing in-depth investigative analysis of cyber attacks from around the globe".

Cybercriminals take on new strategies, tactics

"The fourth quarter of 2017 saw the rise of newly diversified cybercriminals, as a significant number of actors embraced novel criminal activities to capture new revenue streams. For instance, the spike in the value of Bitcoin prompted actors to branch out from moneymakers such as ransomware, to the practice of hijacking Bitcoin and Monero wallets. McAfee researchers discovered Android apps developed exclusively for the purpose of cryptocurrency mining and observed discussions in underground forums suggesting Litecoin as a safer model than Bitcoin, with less chance of exposure.

"Cyber criminals also continued to adopt fileless malware leveraging Microsoft PowerShell, which surged 432% over the course of 2017, as the threat category became a go-to toolbox. The scripting language was used within Microsoft Office files to execute the first stage of attacks."

Steve Grobman, chief technology officer for McAfee, said: "By going digital along with so many other things in our world, crime has become easier to execute, less risky and more lucrative than ever before.

"It should be no surprise to see criminals focusing on stealthy fileless PowerShell attacks, low risk routes to cash through cryptocurrency mining, and attacks on soft targets such as hospitals."

Health care targeted

"Although publicly disclosed security incidents targeting health care decreased by 78% in the fourth quarter of 2017, the sector experienced a dramatic 210% overall increase in incidents in 2017. Through their investigations, McAfee Advanced Threat Research analysts conclude many incidents were caused by organisational failure to comply with security best practices or address known vulnerabilities in medical software.

"McAfee Advanced Threat Research analysts looked into possible attack vectors related to health care data, finding exposed sensitive images and vulnerable software. Combining these attack vectors, analysts were able to reconstruct patient body parts, and print three-dimensional models."

Christiaan Beek, McAfee lead scientist and senior principal engineer, said: "Health care is a valuable target for cybercriminals who have set aside ethics in favour of profits.

"Our research uncovered classic software failures and security issues such as hardcoded embedded passwords, remote code execution, unsigned firmware, and more. Both health care organisations and developers creating software for their use must be more vigilant in ensuring they are up to date on security best practices."

Q4 2017 threats activity

Fileless malware: In Q4 JavaScript malware growth continued to slow with new samples decreasing by 9%, while new PowerShell malware more than tripled, growing 267%.

Security incidents: McAfee Labs counted 222 publicly disclosed security incidents in Q4, a decrease of 15% from Q3. 30% of all publicly disclosed security incidents in Q4 took place in the Americas, followed by 14% in Europe and 11% in Asia.

Vertical industry targets: Public, health care, education, and finance, respectively, led vertical sector security incidents for 2017.

  • Health care: Disclosed incidents experienced a surge in 2017, rising 210%, while falling 78% in Q4.
  • Public sector: Disclosed incidents decreased 15% in 2017, down 37% in Q4.
  • Education: Disclosed incidents rose 125% in 2017, remaining stagnant in Q4.
  • Finance: Disclosed incidents rose 16% in 2017, falling 29% in Q4.

Regional targets:

  • Americas: Disclosed incidents rose 46% in 2017, falling 46% in Q4.
  • Asia: Disclosed incidents fell 58% in 2017, rising 28% in Q4.
  • Europe: Disclosed incidents fell 20% in 2017, rising 18% in Q4.
  • Oceania: Disclosed incidents rose 42% in 2017, falling 33% in Q4.

Attack vectors: In Q4 and 2017 overall, malware led disclosed attack vectors, followed by account hijacking, leaks, distributed denial of service, and code injection.

Ransomware: The fourth quarter saw notable industry and law enforcement successes against criminals responsible for ransomware campaigns. New ransomware samples grew 59% over the last four quarters, while new ransomware samples grew 35% in Q4. The total number of ransomware samples increased 16% in the last quarter to 14.8 million samples.

Mobile malware: New mobile malware decreased by 35% from Q3. In 2017 total mobile malware experienced a 55% increase, while new samples declined by 3%.

Malware overall: New malware samples increased in Q4 by 32%. The total number of malware samples grew 10% in the past four quarters.

Mac malware: New Mac OS malware samples increased by 24% in Q4. Total Mac OS malware grew 58% in 2017.

Macro malware: New macro malware increased by 53% in Q4 but declined by 35% in 2017.

Spam campaigns: 97% of spam botnet traffic in Q4 was driven by Necurs (recent purveyor of "lonely girl" spam, pump-and-dump stock spam, and Locky ransomware downloaders) and by Gamut (sender of job offer-themed phishing and money mule recruitment emails).

Here's McAfee's infographic from the Threat Labs Report, with the full resolution version of the infographic available here.

Alex Zaharov-Reutt

Alex Zaharov-Reutt is iTWire's Technology Editor and one of Australia's best-known technology journalists and consumer tech experts. Alex has appeared in his capacity as technology expert on all of Australia's free-to-air and pay TV networks on all the major news and current affairs programs, on commercial and public radio, and technology, lifestyle and reality TV shows.
