Malware, Ransomware

Cybercriminals favored non-malware attacks in 2017: Report


Non-malware-based cyberattacks were behind the majority of cyber incidents reported in 2017, despite proliferation of malware available to both the professional and amateur hacker.

However, non-malware attacks were only part of the story in 2017 as Carbon Black also reported that ransomware attack are inflicting significantly higher costs and the number of attacks skyrocketed during the course of the year.

Non-malware, or file-less, attacks using PowerShell and Windows Management Instrumentation tools, normally utilized by IT staffers along with exploiting exploit in-memory access and running applications, like web browsers and Office applications, were used in 52 percent of all attacks, according to a Carbon Black report. The number of non-malware based attacks increased, on average, of 6.8 percent per month during 2017 with 64 percent of security researchers surveyed by Carbon Black noting an uptick in this style of attack.

Carbon Black also found that many security workers were not confident in the legacy tools they had on hand to defeat non-malware attacks with two-thirds indicating they had no confidence that traditional anti-virus software would protect their firm.

Despite all the problems non-malware attacks caused, malware was able to inflict a tremendous amount of damage and cost on businesses and individuals during 2017.

The company cited a Cybersecurity Ventures report that ransomware alone cost business about $5 billion in paid ransoms in 2017, up from $850 million in 2016 and just $24 million in 2015. Tech companies, governments and those in the legal profession were the biggest losers and Carbon Black noted that Spora was used in about 20 percent of all attacks followed by CryptXXX/Exxroute, Locky, Cerber, and Genasom.

In addition to the financial cost of malware increasing, attacks also came at a fast and furious rate last year. Carbon Black reported that the number of attacks hitting individual computers protected by its software went from 0.7 per month earlier in the year to more than three times per month as the year closed out.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.