According to research conducted by Internet security firm Kaspersky Lab, corporate malware attacks have increased by 3% year-on-year. In 2015, 58% of companies had been attacked with malware on at least one occasion and the motivation for conducting corporate malware attacks are numerous. Not all attackers are demanding a ransom.
Reasons for corporate malware attacks
In many cases, corporate malware attacks are conducted for financial reasons – but not always. There has been an increase in hacktivism and attacks on business competitors. According to research conducted by Kaspersky/B2B International, 28% of suspects in cyberattacks were believed to be attempting to simply disrupt a company’s operations.
Corporate malware attacks by competitors are believed to be increasing and in many cases the attackers are known. This is certainly the case for DDoS attacks. 48% of companies claimed to know the source of DDoS attacks they had suffered and 12% believed that the source was a specific competitor. 11% of attacks were conducted by political activists, while government backed groups accounted for 5% of attacks.
The mode of attack on corporate targets differs from attacks on consumers according to Kaspersky Lab.
There has been an increase in exploitation of legitimate software programs, with office programs used to attack companies three times as often as attacks on consumer targets. Internet-based attacks were commonly conducted on business customers. 29% of businesses claimed to have been exposed to Internet threats, while 41% of businesses were attacked via portable storage devices. Attacks on mobile devices have also increased as criminals have realized the ease at which the devices can be compromised and the wealth of data that are stored on the devices.
Cryptolocker infections double in 2015
Cryptolocker ransomware infections have increased substantially in recent months. There have been twice as many infections in 2015 as were recorded in 2014. According to Kaspersky, over 50,000 corporate devices were locked by Cryptolocker in 2015. Corporate customers have been given little alternative but to pay ransoms to get their data unlocked. Unfortunately, even when a ransom was paid, security keys were not always provided or did not work.
DDoS attacks being commissioned by business competitors
Attacks conducted for financial gain are still the most common, especially in the Telecom and manufacturing industry. Survey respondents from both industries claimed that ransoms were demanded in 27% of DDoS cyberattacks. Overall, 17% of attacks involved the disruption of services until a ransom was paid. In 18% of cases, DDoS attacks were conducted to distract IT security professionals while hackers went to work on other systems, as was the case with the recent attack on Internet and mobile phone service provider, TalkTalk. Companies appear to be increasingly attempting to gain a competitive edge by paying for hackers to disrupt the operations of their competitors.
2015: The year of the PoS attack!
2015 has also been a year of attacks on Point of Sale terminals. Retailers have been targeted by hackers trying to gain access to PoS data, oftentimes by installing malware capable of recording data from transactions. Kaspersky Lab managed to block more than 11,500 PoS hacks in 2015. 70% of hacks of PoS terminals involved malicious software that had only been developed this year. These attacks are likely to increase over the course of the next 12 months.