Description of Threat:
Malware covers a variety of
cyber threats, including Trojans, viruses and worms.
Malware is code with malicious intent that typically steals data or destroys
something on the computer.
A Trojan that sends spam may
generate a minor increase in communications traffic, whereas other types of
infection could result in the complete breakdown of the corporate network or
the loss of business-critical data.
In the first half of 2017,
1.9 billion data records were either lost or stolen through
918 cyberattacks. Most of the attacks used ransomware, a type of malware that infects
computers and restricts access to files in exchange for a ransom. There were also
several more malicious cyberattacks that destroyed data or stole millions of
By the end of 2017, they are
predicted to exceed $5 billion. Ransomware attacks are growing at
a yearly rate of 350 percent.
Email spam messages are commercial in nature but may also
contain disguised links that appear to be for familiar
websites but in fact lead to phishing websites or sites that
are hosting malware. Spam email may also include malware as scripts
or other executable file attachments such as Trojans.
As of the most recently reported period, spam messages
accounted for 59.56 percent of e-mail traffic worldwide.
Phishing attacks are sent via email
and ask users to click on a link and enter their personal data. Phishing emails
have gotten much more sophisticated in recent years, making it difficult for
some people to discern a legitimate request for information from a false one.
Phishing emails often fall into the same category as spam, but are more harmful than just a simple ad.
Regardless of awareness training, people can still be
distracted or fooled into opening the wrong thing at the wrong time, so it’s
no surprise that spear phishing, email impersonation and spoofing are major
catalysts for the rise of CEO fraud and business email compromise (BEC) attacks.
The statistic gives information on the countries with the
largest share of phishing attacks worldwide as of the third quarter of 2017.
During this period, Brazil was ranked first with a 19.95 percent phishing
attack rate among online users.
Nature of Threat:
Malware typically infects a machine by tricking users into
clicking and/or installing a program from the Internet that they shouldn’t.
When the click or installation occurs, the malicious code executes actions that
the user doesn’t anticipate or intend, which could include:
· Self-replication in different parts of the file system
· Installing applications that capture keystrokes or
commandeer system resources, often running without the user being aware, while
slowing the system down considerably
· Blocking access to files, programs or even the
system itself, sometimes forcing the user to make a payment to regain access
· Bombarding a browser or desktop with ads
· Breaking essential system components and rendering
a device inoperable
Based on reports, countries like the US, UK, Russia, Australia, India, New Zealand,
Ukraine, France, Netherlands, Denmark and Germany have the highest number of
affected businesses, spread across sectors such as government, banking, factories,
container ports, freight forwarding and telephone systems.
This causes emergency
services to be down and businesses to pay huge ransom to get the system
Spammers illegally buy lists of real
people’s email addresses, use “harvesting” programs that scour the
Internet the way Google does and copy any text that contains the “@”
character, and use “dictionary” (brute force) programs as hackers do.
Online users also unwittingly volunteer their email addresses to dishonest
subscribe/unsubscribe online services.
Botnets are primarily used for sending out spam messages,
often including malware. The Cutwail botnet, for example, can send up to 74
billion messages per day. Botnets are also used to spread bots to recruit more
computers to the botnet.
Spammers’ intention is to cause
disruptions to businesses and individuals for self-interest, causing businesses
and individuals to lose productivity filtering spam mail and causing damage from
Phishing targets victims
who are privileged users within an organization. If such a user can be
tricked into giving up their username and password, then an imposter can
potentially re-use the official username/password to initiate their own
transfer. Attackers utilize more advanced and more determined phishing
methods if they are sure they have identified high-value account holders.
“Spear phishing” includes techniques to
ensure that the attacks are successful.
The resulting compromises have allowed
fraudulent wire transfers of sizeable amounts, $400,000 to 900,000, and
sometimes more. With average costs of spear-phishing attacks being $1.6
Businesses should deploy firewalls and
update them frequently, prevent the transfer of large data files
over the network, and install antivirus software to scan email and the file
system for attachments that may contain malware. It’s also important to
make sure your computer’s operating system (e.g. Windows, Mac OS X, Linux) has
the most up-to-date security updates. Software programmers update programs
frequently to address any holes or weak points. It’s important to install these
updates as well to decrease your own system’s weaknesses.
Businesses should deploy email filtering to block emails
sent from suspicious sources. Spam filtering can block email by using real-time blackhole lists
maintained by third parties, who take the time to build comprehensive blacklists
on behalf of their subscribers. The email filter simply connects to the
third-party system each time an email comes in, to compare the sender’s IP
address against the list.
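
The lookup described above is normally a DNS query: the sender's IP is reversed, prepended to the list's zone name, and an answer in 127.0.0.0/8 means "listed". The sketch below is an added example, not part of the original text; the zone `dnsbl.example`, the function names and the fake list are assumptions, and the sample addresses come from the documentation ranges.

```python
import ipaddress
import socket

DNSBL_ZONE = "dnsbl.example"  # hypothetical zone; use the list your filter subscribes to

def dnsbl_query_name(ip, zone=DNSBL_ZONE):
    """Build the DNS name that asks the list about one sender IP."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = reversed(str(addr).split("."))            # 192.0.2.99 -> 99.2.0.192
    else:
        labels = reversed(addr.exploded.replace(":", ""))  # IPv6: reversed hex nibbles
    return ".".join(labels) + "." + zone

def system_resolver(name):
    """Return the A record for name, or None when the lookup fails."""
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None

def is_listed(ip, zone=DNSBL_ZONE, resolve=system_resolver):
    """True when the list answers with a 127.0.0.0/8 address for this sender."""
    answer = resolve(dnsbl_query_name(ip, zone))
    if answer is None:
        return False  # no record (or lookup failure): treat the sender as not listed
    # An answer outside 127/8 is not a valid listing (for example a wildcarded
    # zone), so it is ignored rather than causing all mail to be rejected.
    return ipaddress.ip_address(answer) in ipaddress.ip_network("127.0.0.0/8")

def filter_decision(sender_ip, **kwargs):
    """Decision for the connecting mail server's IP: 'reject' or 'accept'."""
    return "reject" if is_listed(sender_ip, **kwargs) else "accept"

# Constructed sample data standing in for the third-party list, so this runs offline.
FAKE_LIST = {
    "99.2.0.192.dnsbl.example": "127.0.0.2",    # listed sender
    "7.113.0.203.dnsbl.example": "203.0.113.1",  # bogus answer, not a listing
}

if __name__ == "__main__":
    for ip in ("192.0.2.99", "198.51.100.7", "203.0.113.7"):
        print(ip, dnsbl_query_name(ip), filter_decision(ip, resolve=FAKE_LIST.get))
```
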
Businesses should educate
their employees on detecting phishing mails. Verify over the phone any
requests from institutions that arrive via email. If the email
itself has a phone number, don’t call that number, but rather one you find
independently online or within documentation you’ve received from that company.
Most companies are adamant that they will not ask for personal information via
email. At the same time, most companies strongly recommend that users not make
sensitive information available.