SEARCH FINANCIAL SERVICES INFRASTRUCTURE SECURITY SCIENCE INTERVIEWS

 

     

Botnets Drive Rise in Malware Activity

February 22, 2017

Botnets are making malware and spam campaigns more accessible than ever, noted AppRiver in its 2016 Global Security Report. Botnets’ range is considered to be primarily behind the escalation in malware activity—which clocked in at 15.5 billion malicious emails and 30.4 billion spam emails during 2016. The report also includes metrics from Web-borne threats, reporting an average of 40 million unique threats daily throughout the second quarter.

The report notes that in addition to traditional hardware like personal computers, the Internet of Things (IoT) delivers a new catalogue of devices that can be hacked for nefarious purposes. Smart watches, mobile phones, and smart assistants offer botnets millions of more devices that can be used to deliver their malware campaigns, or even to gather data on unfortunate consumers.

“When Mirai was used to take down Dyn last year, it cast a light on the lack of security protecting IoT devices,” said Troy Gill, manager of security research, AppRiver. “At inception, most devices are created with convenience and fun in mind, not all of the ‘what-ifs’ behind security vulnerabilities. This leads to many security vulnerabilities in the devices, which of course are exploited by hackers.”

The report also includes predictions for 2017, including:

◦Acts of cyber aggression will become the new front lines between nation states
◦Mobile malware will become a household name
◦IoT botnets will continue to wreak havoc
◦Ransomware will continue to be the most prolific threat on the Web
◦New legislation will be passed to give more investigative powers to law enforcement

To prevent malware attacks, AppRiver recommends organizations have the following systems in place:

◦Antispam and antivirus solutions, including protection against Web-borne malware
◦Routine, mandatory software updates so that known vulnerabilities are patched
◦Double authentication procedures as a safeguard against “whaling” and other highly targeted attacks
◦Formal security policies and ongoing training to keep employees up to date and aware of their individual role in protecting company networks

Terms of Use | Copyright © 2002 - 2017 CONSTITUENTWORKS SM  CORPORATION. All rights reserved. | Privacy Statement