Ransomware dominated the first half of 2019, while mobile banking malware threats grew by more than 50% from 2018 to 2019, according to Check Point’s Mid-Year Trends Report.
“This year collaborations between threat actors allowed even more destructive attacks that paralyzed numerous organizations worldwide. What ends with a ransomware attack usually starts with a more silent sequence of bot infections,” the report said.
Though there was an 18% decrease in the number of global organizations impacted by crypto-miners from 2018 to 2019, the report found that there was a sharp increase in supply chain attacks. “Software supply chain attacks attracted public and government attention,” the report said.
“In such attacks threat actors inject malicious code into components of legitimate applications, victimizing a large number of unsuspecting users. The accumulation of several cases since the beginning of the year led the American government to devote special attention to this evolving threat and will soon publish official recommendations on ways to minimize the impact of such attacks.”
In addition, the vast majority (90%) of attacks leveraged older vulnerabilities that were registered in 2017 and earlier, and more than 20% of attacks used vulnerabilities that are at least seven years old, according to the research.
2019 has also seen a surge in sextortion scams and business email compromise (BEC). “This year saw the sextortion scammers doing everything possible to make their victims worried enough to pay up and avoid the publication of the alleged sexual materials. This mainly includes providing the victim’s personal credentials as evidence, which were usually leaked in previous data breaches or purchased in underground forums,” the report said.
Also on the rise are attacks targeting resources and sensitive data in public cloud environments. According to the report, “So far this year, cloud cryptomining campaigns stepped up, upgraded their technique set and were capable of evading basic cloud security products, abusing hundreds of vulnerable exposed Docker hosts and even shutting down competitors’ cryptomining campaigns operating in the cloud.”