One of the most insidious and growing threats is crypto mining, where hackers essentially hijack computing devices to use their CPU power and electricity to mine cryptocurrency. Unsuspecting victims of such attacks can end up with massive electricity or cloud service bills, as well as slow, overheated or unusable devices.
According to the Check Point Software report, 40 percent of organizations were impacted by crypto miners last year, making it the most prominent malware infection used by threat actors. The report also found that crypto jackers are becoming more creative and deceptive, using methods like drive-by attacks. The good news? Ransomware is down.
“Crypto jacking is pretty much here to stay,” said Erich Kron, security awareness advocate at KnowBe4, a security awareness training and simulated phishing platform company. “The best thing IT professionals can do is take it seriously, because crypto jackers can work resources really hard. They don’t care if they burn up your computers or use a lot of power.”
One of the best defenses against crypto jacking, added Kron, is to implement tools that use artificial intelligence and machine learning. It’s the best way to detect the type of anomalies most organizations don’t look for, such as high CPU use during off-peak times or after hours.
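As an added illustration (not from the Check Point report or from KnowBe4), the sketch below flags the anomaly named above, sustained high CPU use outside business hours. It uses a simple per-host statistical baseline (median and MAD) rather than a machine learning product, and the business-hours window, thresholds and sample readings are all assumptions constructed for the example.

```python
from datetime import datetime
from statistics import median

BUSINESS_HOURS = range(8, 18)   # assumption: 08:00-17:59 local time
BUSINESS_DAYS = range(0, 5)     # assumption: Monday-Friday

def is_off_hours(ts: datetime) -> bool:
    return ts.weekday() not in BUSINESS_DAYS or ts.hour not in BUSINESS_HOURS

def off_hours_baseline(history):
    """Median and MAD of a host's off-hours CPU readings (robust to spikes)."""
    vals = [cpu for ts, cpu in history if is_off_hours(ts)]
    med = median(vals)
    mad = median(abs(v - med) for v in vals)
    return med, mad

def sustained_off_hours_load(history, recent, k=6.0, floor=20.0, min_run=3):
    """Return (start, end) windows where off-hours CPU stays far above baseline.
    A reading is anomalous when it exceeds median + max(k * MAD, floor); a
    window is reported only after min_run consecutive anomalous readings, so
    a single backup or patch spike does not raise an alert."""
    med, mad = off_hours_baseline(history)
    limit = med + max(k * mad, floor)
    windows, run = [], []
    for ts, cpu in sorted(recent):
        if is_off_hours(ts) and cpu > limit:
            run.append(ts)
            continue
        if len(run) >= min_run:
            windows.append((run[0], run[-1]))
        run = []
    if len(run) >= min_run:
        windows.append((run[0], run[-1]))
    return windows

# Constructed sample data: one host, hourly CPU percent readings (March 2019).
def at(day, hour):
    return datetime(2019, 3, day, hour)

HISTORY = [(at(d, h), 5.0 + (h % 3)) for d in (4, 5, 6) for h in (0, 1, 2, 3, 22, 23)]
RECENT = [(at(7, 10), 85.0),                     # busy, but in business hours
          (at(7, 22), 6.0), (at(7, 23), 97.0),   # lone off-hours spike
          (at(8, 0), 7.0), (at(8, 1), 96.0), (at(8, 2), 98.0),
          (at(8, 3), 97.0), (at(8, 4), 95.0), (at(8, 9), 40.0)]

if __name__ == "__main__":
    for start, end in sustained_off_hours_load(HISTORY, RECENT):
        print(f"sustained off-hours CPU load: {start} -> {end}")
```

Requiring several consecutive readings keeps scheduled jobs from triggering alerts; the run length and the floor should be tuned against each environment's own maintenance windows.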
The Check Point report also found a surge in DDoS attacks, a direct result of a rise in the use of botnets. Nearly 20 percent of organizations were hit by bots last year, which are used to launch DDoS attacks and spread other malware. It found the most prevalent botnets during 2018 included Necurs, Dorkbot and Andromeda. Necurs, a spam botnet, adopted new techniques to avoid detection, while Dorkbot was typically used to download or launch other malware components. The insidious botnet upped the game this year, using a mixture of AntiVM and APC injection methods.
“The thing about DDoS attacks is they are leveraging these devices in these bot pens, and it can be really tough to defend against,” Kron said.
There is no silver bullet to defend against DDoS attacks, he added; instead, it’s about layers of protection. While many gateway devices have some built-in protections, it can make sense to add a cloud solution like Cloudflare that is designed in part to mitigate these types of attacks. Experienced IT professionals also might consider geo-isolating traffic to prevent anything outside of North America from penetrating the firewall, Kron said.
Another area of growing concern, according to the Check Point report, is mobile malware: Malicious apps are displaying inappropriate ads and attempting to trick users into downloading fake security apps and registering for expensive premium services. The survey found a host of problems with both iOS and Android apps and devices.
On the plus side, the report found a decline in ransomware.
Check Point also introduced a new product. Check Point Maestro, a hyperscale network security solution, is designed to enable organizations to quickly scale up their security gateways on demand—up to the performance of 52 gateways. The company explained that this drastically increases firewall throughput and helps organizations support the high data rates and ultra-low latency required by 5G networks.