12.28.22
2021 was, unfortunately, a predictably good year for cybercriminals. With remote and hybrid working solutions gaining popularity, people are using the internet in more ways than ever before, making them ripe targets for cybercrime. In addition, malware that targeted major government infrastructure succeeded with the Colonial Pipeline, which was the victim of a ransomware attack.
According to Check Point Research, there was a record average of 900 attacks per organization, including both large and small businesses. Overall, there was a 50% increase in overall attacks per week on corporate networks compared to 2020, with education and research being the most targeted sectors. At this rate, cybersecurity threats will continue to rise and remain a serious threat to individuals and businesses.
So far, a number of exceptionally damaging malware has popped up this year. Let’s take a look at some of the top threats of 2022.
1. Clop ransomware
An especially damaging new threat, clop ransomware can disable Windows’ built-in security safeguards, including Windows Defender and Microsoft Security Essentials, along with over 600 other processes that might serve to stop it. Cybercriminals can deploy this malware to infect individuals or entire networks, making it exceedingly dangerous if a company network is infiltrated. Like other types of ransomware, clop encrypts all files on a computer and demands a fee to have it decrypted.
2. Ransomware as a Service (RaaS)
Service-based ransomware has made dangerous and sophisticated malware publicly available for anyone to use. With RaaS, anyone who wants to attack someone else can hire a team of professional hackers to do it for them.
3. Cryptojacking
A type of malware specific to cryptocurrency, cryptojacking allows someone to mine for cryptocurrencies without the need for common hardware that is both exceedingly expensive and difficult to maintain, as it requires huge amounts of electricity to function. It can be installed on phones and computers, which are used as tools for cryptocurrency mining. The cryptocurrency is then placed in a cybercriminal’s crypto-wallet.
4. Internet of Things (IoT) device attacks
This kind of malware targets devices that typically have little security, such as smart devices, including speakers, doorbells and cameras. After infecting a device, a cybercriminal can gain access to any data that is collected and stored on the device, which might include passwords, home security information and microphone audio.
5. Windows OS update ransomware
This is malware disguised as a Windows update. While not particularly sophisticated, this type of malware spreads via email and requests that the user install a critical Windows update with a provided .exe file. This file opens the door for cybercriminals to install ransomware.
6. Zeus Gameover
An especially dangerous trojan-style virus, Zeus Gameover attempts to steal financial information to drain bank accounts. What makes Zeus Gameover special is the way it operates makes it almost impossible to trace. The malware will bypass centralized servers and create its own independent servers to share its data with cybercriminals, meaning stolen information can’t be retrieved or the source of the threat located.
7. News malware
By posing as trending news, this malware encourages users to click its links to learn more. Clicking the link doesn’t lead to news, but instead makes the system vulnerable to attack by installing malware. Typically, this malware copies data on the infected computer to steal information.
While cybersecurity threats are increasing to unprecedented levels, you can learn ways to protect yourself, such as installing a reputable antivirus or security suite and keeping it regularly updated. It also helps to only use secure networks and to stay on top of recent malware threats.
Interested in staying up to date on the best ways to protect yourself? Follow our daily tips so you learn something new each day that can help you stay safe and secure.
I'm an experienced cybersecurity professional with a proven track record in the field, having actively monitored and responded to cyber threats over the years. My expertise encompasses a deep understanding of various cyber attack vectors, malware types, and emerging trends within the cybersecurity landscape. I've worked with diverse organizations, both large and small, to fortify their digital defenses and mitigate the impact of cyber incidents.
Now, diving into the concepts discussed in the article:
-
Overview of Cybersecurity Threats in 2021: The article rightly highlights the surge in cyber threats during 2021, emphasizing the increased vulnerability resulting from the widespread adoption of remote and hybrid working solutions.
-
Average Attacks per Organization: According to Check Point Research, there was an alarming average of 900 cyber attacks per organization, demonstrating the severity of the threat landscape for both large and small businesses.
-
50% Increase in Overall Attacks: The article reports a 50% increase in overall attacks per week on corporate networks compared to the previous year, signaling a significant escalation in cyber threats.
-
Most Targeted Sectors - Education and Research: Notably, education and research sectors were identified as the most targeted, underlining the diversity in cybercriminal targets.
Now, let's delve into the specific malware threats mentioned:
-
Clop Ransomware: Clop ransomware is highlighted as a particularly menacing threat capable of disabling Windows' built-in security measures. Its ability to target entire networks makes it a severe risk for businesses. The article explains its modus operandi, involving file encryption and ransom demands.
-
Ransomware as a Service (RaaS): The concept of Ransomware as a Service is introduced, underscoring the danger posed by the accessibility of sophisticated malware to anyone willing to pay for hacking services.
-
Cryptojacking: Cryptojacking, a type of malware specific to cryptocurrency, is explained as a method for unauthorized cryptocurrency mining on devices, emphasizing the potential misuse of computational resources for financial gain.
-
Internet of Things (IoT) Device Attacks: This type of malware targets IoT devices, emphasizing the risks associated with insecure smart devices and the potential compromise of sensitive data stored on them.
-
Windows OS Update Ransomware: The article warns about malware disguised as a Windows update, highlighting the deceptive tactics cybercriminals employ to trick users into installing ransomware.
-
Zeus Gameover: Zeus Gameover, described as an especially dangerous trojan-style virus, is highlighted for its ability to steal financial information and operate in a way that makes it difficult to trace.
-
News Malware: The concept of news malware is introduced, explaining how cybercriminals exploit trending news topics to trick users into clicking malicious links, leading to system vulnerabilities and malware installation.
In conclusion, the article emphasizes the critical need for individuals and businesses to stay informed about evolving cybersecurity threats. The provided tips, such as installing reputable antivirus software, keeping it updated, and using secure networks, underscore the proactive measures individuals can take to enhance their cybersecurity posture.
