TRENDING
of all malware slip past basic signature-based
antivirus solutions due to various obfuscation
methods. One way every organisation
can become more secure against these
sophisticated, evasive threats is to deploy
defences enabled with advanced malware
prevention like our APT Blocker service.”
WatchGuard’s Internet Security Report offers
in-depth insights on the top cyberthreats
each quarter, along with defence
recommendations SMBs can use to protect
themselves. The findings are based on data
from tens of thousands of active Firebox
UTM appliances around the world. Here are
the top takeaways from the Q1 2018 report.
Cryptocurrency miners are on the rise
“
Corey Nachreiner,
Chief Technology
Officer at
WatchGuard
Technologies
SINCE PAST VERSIONS OF
RAMNIT HAVE TARGETED BANKING
CREDENTIALS, WATCHGUARD
ADVISES ITALIANS TO TAKE EXTRA
PRECAUTIONS WITH THEIR BANKING
INFORMATION AND ENABLE MULTI-
FACTOR AUTHENTICATION FOR ANY
FINANCIAL ACCOUNTS.
“While ransomware and other advanced
threats are still a major concern, these new
cryptominer attacks illustrate that bad actors
28
INTELLIGENTCIO
are constantly adjusting their tactics to find
new ways to take advantage of their victims.
In fact, once again in Q1, we saw nearly half
Several cryptocurrency miners appeared for
the first time in WatchGuard’s list of the top
25 malware variants. Firebox appliances
have a rule called Linux/Downloader, which
catches a variety of Linux ‘dropper’ or
‘downloader’ programs that download
and run malware payloads. Usually, these
droppers download a wide range of malware
but in Q1 2018, 98.8% of Linux/Downloader
instances were trying to download the same
popular Linux-based cryptominer. Evidence
from Q2 so far indicates that cryptomining
malware will stay on WatchGuard’s top 25
list and may even crack the top 10 by the
end of the quarter.
The Ramnit trojan makes a
comeback in Italy
The only malware sample on WatchGuard’s
top 10 list that hadn’t appeared in a
past report was Ramnit, a trojan that
first emerged in 2010 and had a brief
resurgence in 2016. Nearly all (98.9%) of
WatchGuard’s Ramnit detections came from
Italy, indicating a targeted attack campaign.
Since past versions of Ramnit have targeted
banking credentials, WatchGuard advises
Italians to take extra precautions with their
banking information and enable multi-factor
authentication for any financial accounts.
For the first time, APAC reports the
highest malware volume
In past reports, APAC has trailed EMEA and
AMER in the number of reported malware hits
by a wide margin. In Q1 2018, APAC received
the most malware overall. The vast majority of
www.intelligentcio.com