Cyber attacks on businesses surge by 55%, warns Malwarebytes
It’s long been known that businesses in the UK are failing to address fundamental security flaws and a report from cybersecurity firm Malwarebytes highlights how this is being exploited.
According to the cybersecurity firm’s quarterly report which was released this week, banking Trojan attacks were up 84% earlier this year making them the most popular form of malware attack for both businesses and consumers. More alarmingly, it shows a shift in the way hackers choose to target vulnerable users as the types of Trojan used are changing.
A mix of both new Trojans and stronger, evolved iterations of previous malware top the most detected list.
The report also highlights the hike in attacks on businesses compared to consumer targets with a 55% and 4% rise in the respective sectors.
Not only are the targeted attacks becoming more sophisticated, they’re starting to target those with larger pockets, seeking greater rewards for their efforts. This is shown in the increased detection of Emotet, a malware that exclusively steals financial information from infected computers which is up 37% and ranks in the top six detected malware for businesses.
The threats don’t end with Trojans either, ransomware attacks saw an 88% increase while consumer attacks saw a welcome decline. Malwarebytes said new developments to GandCrab, including faster and more robust encryption features have made it an even greater threat. The new variant has already hit Florida’s Monroe County School District, causing a week-long outage of their computer network.
In addition, Magniber ransomware expanded to other regions. In previous years the attacks have been localised to South Korea, but in recent months the malware has increased its target range, setting its sights on other Asian countries too. Previous iterations of Magniber targeted users by identifying keyboard language layouts but it now checks for other languages native to Asian countries including Hong Kong, Singapore, and Malay.
The report should alarm businesses that make up the surprisingly high number of firms in the UK that are failing to implement the five steps recommended by the government's Cyber Essentials scheme. According to the annual Cyber Security Breaches Survey, only 50% of all businesses surveyed have implemented all five security measures as set out by the scheme.
"The number of businesses making cybersecurity a priority has increased year-on-year, but this survey shows that there is still a long way to go in addressing the very basics," said Tony Pepper, CEO of file-sharing firm Egress.
“Q3 2018 proved that more and more cybercriminals are willing to put on their big boy pants and put their software to the test in a much larger arena—whether that’s going toe to toe with businesses who have more robust security practices (but much juicer, profitable targets) or spreading out into new geolocations," the report said.
"The big story here is how many different malware authors (and thus different families and categories of threats) turned their attention at once to organizations, leaving their experimentation to the consumer side."
Industry: Cyber Security News
- CIAM Architect Azure B2C
We are seeking a highly skilled and experienced Azure B2C CIAM Architect for a contract starting on Jan 2024. As an Azure B2C CIAM Architect, you will be responsible for designing, implementing, and deploying an new Azure B2C Solution . Responsibilities: Design and implement an Azure B2C-based CIAM solution that meets the needs of our clients organization. Maintain and support the Azure B2C-based CIAM solution. Provide training and support to our employees on the use of the CIAM solution. Background designing, implementing, and maintaining CIAM solutions. Experience with cloud-based identity and access management (IAM) solutions. Experience with OAuth, OpenID Connect,and SAML. Excellent written and verbal communication skills
- Senior IAM Consultant
- Upto €110,000 depending on level of position
Senior IAM Consultant is needed to help lead and deploy IAM Projects for this expand IAM Consultancy The ideal candidate will have a deep understanding of IAM concepts and technologies, as well as experience in deploying and managing complex IAM solutions. Responsibilities Lead the deployment of IAM solutions for our clients Work with clients to understand their IAM requirements and design solutions that meet their needs Configure and implement IAM solutions using best practices Integrate IAM solutions with other enterprise systems Provide training and support to clients on the use of IAM solutions Stay up-to-date on the latest IAM technologies and trends We are looking for an experieneced IAM Consutlatn with: Strong understanding of IAM concepts and technologies,including identity lifecycle management,access control,and authentication Experience in deploying and managing complex IAM solutions Experience with IAM products and solutions,such as SailPoint,One Identity Manager,and Azure Active Directory Excellent communication and interpersonal skills Ability to work independently and as part of a team Fluent in German Candidates witll need to live and have the right to work within Germany to be considered.
- Security Architect - SOC Design - Outside IR35 London. SC / DV cleared
- Outside IR35
Security Architect - With in-depth SOC Design experience needed for Outside IR35 London. SC / DV cleared. 6 month rolling Immediate Experience delivering technical Security Architecture design / assurance of security design with mobile network experience. HLD / LLD Current SC Clearance a must. Willingness to undertake DV. London 3 days a week Immediately interviewing.
- Cyber Security Risk Consultant. UK. Hybrid. Home | Work balance
- United Kingdom
Cyber Security Consultancy - done the right way. Seeking a passionate Cyber Security Risk Consultant who enjoys helping clients make a different to their business. Warning- if you want a large, slow moving, high politics, high travel security consultancy that demands their a pound of flesh this is NOT for you. A successful individual will have experience working with clients to identify business cyber security risk. This is a remote first opportunity which means you will spend the majority of your time working remotely. You will however spend some time meeting clients as well as meeting up with the team on a monthly basis.. Some of the nice to have certifications. CRISC, ISO27001 Lead implementer, CISA, CISM, CISSP Along with dedicated training budgets, unlimited holiday and a structured career path, this opportunity will give a much needed work life balance. Unable to offer Visa sponsorship now or in the future. Apply and book a call in my diary with the below