Technology Reseller v39

01732 759725 36 SECURITY December it had become the norm, with 54% of such sites using https, compared to 46% using http. Milbourne expects the ratio to have reached 70:30 by the end of the year, as it already has in some verticals, such as cryptocurrency sites. 3 Malware Malware has declined since its peak in 2015, due to a number of factors, including the roll-out of Windows 10; actions by Google and others against the PUA (Potentially Unwanted Applications) group of threats and the pay-per-install model; and, thirdly, a shift to the use of Windows built-in components to carry out attacks instead, like the PowerShell administrator tool. “You can do almost every stage of an attack with PowerShell itself, so in 2018 we released script protection as part of the Webroot Evasion Shield to really try to stop these attacks. We advocate disabling PowerShell if it is not needed – the same for Office macros. Almost no one needs them, and if they do, then enable it for that individual specifically. The same goes for PowerShell; it should definitely not be enabled for a local user account,” says Milbourne. Despite these changes, malware is obviously still a problem, especially for consumer devices, which experience twice as many malware infections as business ones. “One interesting thing we saw is that there is not that much diversity in where the majority of malware tries to hide itself on the operating system. We found that most malware hides in one of four directories – the temp directory, the browser, cache directories or your download folder. You can easily set up a policy to prevent execution from these directories. It’s an easy layer to implement that gives you 25% or 30% efficacy just based on breaking how malware tries to install itself.” 4 Mobile and Android Unsurprisingly, this is a growing area of concern, not just because malware for Android devices, including IoT devices, is growing, but also because of new techniques like fleeceware, which lures victims in with a cheap subscription of $1.99 a month, which then increases to $199 a month. There is a lot more detail, statistics and advice in the 2021 Webroot BrightCloud Threat Report itself. To download a copy, please visit https://mypage.webroot . com/2021-threat-report.html . longer they do so the more likely they are to be caught. But, because they have breached the network, they can disable back-ups, turn off security solutions and basically deploy the ransomware like a policy update, so all the endpoints get it at the same time. A lot of times the ransom cost is calculated to be right in that sweet-spot where a business might think what is the bigger headache or the bigger burden, paying the ransom or going public with it and coping with the damage to productivity and reputation.” 2 Phishing Phishing continued to be a major threat in 2020, with a 34.4% year-on-year increase in activity, and continued to evolve in response to changing end user habits caused by the coronavirus pandemic. “Covid really had an impact,” explains Milbourne. “One of the brands we had never seen before at the top of the list of phishing targets was eBay. Typically, the most targeted sites are email providers because criminals want to get into your main email account and then break into whatever other accounts you have. For the first couple of months of the pandemic, basically every phishing attempt we encountered was some variant of an eBay log in, saying your order has an issue or spoofing the natural notifications you would get from eBay. We suspect product shortages and people trying to buy stuff on eBay. Then we saw it rapidly fall off; 90% of eBay’s total phishing for the year happened in those two months.” In February last year, 31.1% of all phishing attacks impersonated eBay. In March, phishing activity surged among streaming services like YouTube (up 3,064%), Netflix (525%) and Twitch (337%). Another Covid-related risk, not featured in this year’s report but which Milbourne expects to have telemetry on next year, is scam sites or improperly secured shopping sites. “We saw a lot of this with Covid. Phishing isn’t always for log-in credentials. A lot of times it could just be leading you to donate money to a scam charity – and that whole process could have https and look very good. In the last year we have been investing more in identifying sites that aren’t textbook malicious but which you might wish you hadn’t tried to buy a pair of shoes from so that they could sell your credit card details.” Meanwhile, the trend for phishing sites to use https continued. In fact, by ...continued Key findings Phishing n Attacks increased 510% from January to February alone n The top five phishing targets of the year were eBay, Apple, Microsoft, Facebook and Google n By the end of 2020, 54% of phishing sites used HTTPs. Use of HTTPS varies considerably based on the industry being targeted and is most heavily used when spoofing cryptocurrency exchanges (70% of the time), ISPs (65%), and gaming (62%) Malware n 86.1% of malware is unique to a single PC n 83% of Windows malware hides in one of four locations. One of which, %appdata%, saw the infection rate jump 59.2% YoY n Consumer devices saw twice as many malware infections as business devices Infection Rates by Country and Industry n At 2.3%, Japan had the lowest PC infection rate per region, followed by the United Kingdom (2.7%), Australasia (3.2%) and North America (3.7%) n In Europe, home devices were more than three times as likely to encounter an infection as business devices (17.4% versus 5.3%) n Based on reported data, Healthcare and Social Assistance (down 41.4% from the YoY average) had the lowest infection rates; the industries with the highest infection rates were Wholesale Trade, Mining/Oil/Gas and Manufacturing Mobile and Android n Of the total threats detected on Android devices in 2020, Trojans and malware accounted for 95.9%, up from 92.2% in 2019 n Outdated operating systems accounted for nearly 90% of Android infections n Malware for Android-based IoT devices is increasing, underscoring the importance of securing all Android devices beyond just smartphones and tablets opentext.com