A recent report, conducted by McAfee Labs security firm, revealed that while the total number of malware is continuously rising, Mac OS malware and web-based threats have declined in the past few months.
The report, named McAfee Labs Threat Report: September 2016, was published on September 14th and it combines three special studies: an analysis of the ransomware threat to hospitals, an analysis of information theft (methods and prevention), and “A crash course in security data science, analytics, and machine learning.”
McAfee statistics show that the new malware samples, detected in Q2 this year, were more than 40 million. This is the second highest number to ever have been recorded for a quarter. The total number of samples in the McAfee zoo is over 600 million.
The new samples of ransomware in Q2 were more than 1.3 million, the mobile malware new samples – around 2 million, and the malicious signed binaries detected in Q2 2016 were 1.5 million.
However, the macro malware marked the biggest increase. While in Q3 2014 researchers detected less than 10,000 new samples, by Q1 2016, they were more than 50,000 and in Q2 2016, they jumped to the whopping number of 180,000. Their total number now stands at more than 600,000, with a growth of 39% in the last quarter alone.
Mac OS X malware, on the other hand, decreased with only 7,500 new samples in Q2, while in Q1 more than 25,000 were detected. According to McAfee, this drop is a result of the dramatically reduced activity from a single adware family, OSX.Trojan.Gen.
Web threats are also declining from 2 million in Q3 2015 to around 400,000 in Q2 2016. Global spam volumes, however, have now been increasing over the last three quarters.
The report’s analysis of the ransomware threat explains that at this time ransomware is particularly targeting the healthcare sector.
“As targets, hospitals represent an attractive combination of relatively weak data security, complex environments, and the urgent need for access to data sources, sometimes in life or death situations.” – explains Vincent Weafer, Vice President for Intel Security’s McAfee Labs – “McAfee Labs expects a growing number of new industry sectors to be targeted by the extensive networks launching such attacks.”
The report’s study into information theft reveals that financial and retail sectors have the strongest defenses against data loss, while healthcare and manufacturing have the weakest ones. McAfee assumes that the reason for this is the fact that the last two sectors haven`t experienced many of these attacks in the past, hence they haven`t invested in better protection.
“Industry sectors such as healthcare and manufacturing present both opportunity and motive for cybercriminals.” – says Weafer -“Their relatively weak defensive capabilities coupled with highly complex environments simplify breaches and subsequent data exfiltration. The cybercriminals’ motive is ease of monetization, with less risk.”
According to the report, the overall picture of breach prevention is not soothing either. Instead of decreasing detection time like they should, more of the victims need more and more time to discover a threat.
“Breaches happen to far too many companies.” – reads the report – “Worse, they are not discovered nearly often enough by internal security teams, leading to a long gap between detection and remediation. And if the internal team is not detecting the breaches, it is also not preventing them.”
The report’s “crash course in security data science, analytics, and machine learning” part is a response to the attacks against 1st generation anti-malware companies (such as McAfee) by the new generation endpoint security companies that primarily use machine learning to detect malware presence.