Ransomware was abandoned in favor of cryptojacking attacks on the company

Cryptojacking attack

As defenses improve, criminals seek ways to secure a return to their illegal schemes.

Ransomware is becoming popular as cyber attackers look for other ways to earn a criminal living from compromising enterprise companies, with cryptojacking now capturing these people’s interests worldwide.

Ransomware is a virulent malware form. Variants such as WannaCry, CryptoMix, GandCrab and Ryuk can encrypt infected systems and disks, remove content barriers and prevent proper operation of PCs. To make a profit from these malware infections, hackers demand payment-usually in cryptocurrency-in exchange for a key that can or cannot decrypt infected systems.

We have seen the catastrophic effect that ransomware can have on companies around the world in recent years.
However, now alert to the financial and operational damage that this malware can cause, organizations protect themselves more effectively against ransomware, and cyber security companies constantly develop software to provide free alternatives to ransomware – infected systems.

These changes have distanced cybercriminals from ransomware to easier alternatives that can still make a profit.

On Tuesday, IBM Security’s research team released the 2019 IBM X – Force Threat Intelligence Index, which says there are two major shifts in today’s cyber – criminal world – the shift away from ransomware and a reduced reliance on malware in general in direct attacks.

According to the report, the use of ransomware against the company has been “significantly reduced,” with only one major spam – based ransomware attack recorded by IBM throughout 2018 through the Necurs botnet.

In total, ransomware attacks in Q4 2018 decreased by 45 percent compared to Q1 2018, while cryptojacking attempts quadrupled by 450 percent in the same time frame.

If we look at the decline in malware use, the shift away from ransomware, and the rise in targeted campaigns, all these trends tell us that return-on-investment is a real motivating factor for cyber criminals, “said Wendi Whitmore, Director of IBM X-Force Threat Intelligence.”[…] Personally identifiable information (PII) has begun to lose its value, and new illicit profit models are beginning to lose their value. This led to the secret hijack of corporate networks and consumer devices for these digital currencies.

In addition, the report found that the abuse of system tools to attack the company has increased rather than malware. IBM says more than half of cyberattacks-57 percent-in 2018 leveraged common applications such as PowerShell and PsExec, but malware remained popular in advanced persistent threat groups (APT).

In cyber security, the misconfiguration of public – facing systems, such as the use of default credentials or exposed databases, is also still a problem for companies. According to IBM, misconfiguration incidents reported by the public have increased by 20 percent year – on – year.

Mark Funk
Mark Funk is an experienced information security specialist who works with enterprises to mature and improve their enterprise security programs. Previously, he worked as a security news reporter.