September 25, 2017 at 11:53Comodo Group reports four-fold increase in the number of cyber threats
Comodo Group Inc. reports that in the second quarter of this year, the number of malicious programs increased by almost 4 times compared with the first quarter. According to the report , the number of infections increased from 25 million to 97 million.
According to Kaspersky Lab, they were able to detect and repel 45 thousand attacks of the WannaCry worm in more than 74 countries. And Petya, whose new iteration (NotPetya) appeared on June 27, hit 2,000 companies with EternalBlue . / Flickr / Christoph Scholz / CC Most often, infections occurred
with the help of trojans - 5.8 million cases. They are followed by worms - 4.5 million infections and 2.6 million traditional viruses. It also revealed 209 thousand uses of backdoors.
"Infections" were recorded in 236 of 253 top-level domains. The leaders in the number of attacks were Russia, Indonesia and the Philippines. The United States took first place in the number of infections with the Trojan horses.
As claimed in Comodo, viruses and worms are the most common in countries with weak economies, as well working in poorly protected networks. Backdoors, on the other hand, were more common in rich countries and were of a targeted nature: in Australia, Great Britain and Japan.
Therefore, many states are strengthening their work in the field of combating cybercrime. Holger Muench, president of the German Federal Criminal Police Office, calls for tougher laws to combat darknet cybercrime and other criminal groups. And Japan is launching several training centers to train security specialists and research on cybergurosis.
In the United States, Georgia Rep. Tom Graves has introduced a bill providingvictims of ongoing cyber attacks have broader rights to respond. In particular, victims of hacker activity will be able to take aggressive countermeasures to protect their information, that is, to crack intruder systems in response. The document also describes “active cyber defense measures,” which are understood as: the identification of the offender and the transfer of this information to law enforcement agencies.
Russia also takes part in the global fight against cybercrime by presenting the draft UN convention “On cooperation in the field of combating information crime”. It describes the technical and legal interaction of the parties in the field of information and communication technologies.
According to RAEC forecasts and a report on current cyber threats from Positive Technologies, the number and complexity of attacks will only grow . There is even the likelihood of another major DDoS attack, as ransomware leasing services continue to gain popularity. Attacks will evolve in environments such as cloud technology and mobile software.
It is worth noting that the danger is also threatened by IoT technologies. According to Nexusguard, the growth in the number of attacks on IoT networks has grown by 380% over the past six months. This is due to both the growing popularity of IoT and the vulnerability of technology. You can read more about other trends in cyber threats here and here .
Experts note that the main reasons for the increase in the number of attacks are the backlog of security systems technologies, tensions between some countries within the framework of world politics, the lack of IT professionals and the improvement of methods and techniques of attacks themselves (we wrote more about this here ).
/ Flickr / henri bergius / cc
Security experts continue to remind you of the importance of maintaining IT hygiene: strong passwords, employee training, and not storing important information in the mail. However, they are also convinced that a high level of protection can be achieved by eliminating the influence of the human factor. Therefore, they turn to machine learning capabilities and artificial intelligence systems.
One such smart solution isDeep Instinct, which uses deep learning to recognize malicious code. Developers selected millions of files of all varieties, classified them, and donated them to the network for training. The end result was a forecasting model that the company called instinct. The solution can detect zero-day vulnerabilities, new malware, and sophisticated targeted cyber attacks (APTs).
Another way to fight for security with AI was introduced by Microsoft. They created a developer tool - Microsoft Security Risk Detection - that looks for bugs and vulnerabilities in upcoming software.
According to Microsoft researcher David Molnar (David Molnar), to conduct fuzzing companies usually hire security experts. But as the volume of software created and used has increased, testing has become more complicated. At the same time, the importance of this task has grown several times due to the rapid increase in the number of cyberattacks.
Molnar says that the tool automates the same algorithm that we use to find an error, it only works on a different scale thanks to the cloud. Read more about it here .
Representatives of the company also said that Windows Defender in the new Creators Update for Windows uses the capabilities of artificial intelligence to protect against malware.
Although AI is not yet able to eliminate all potential cyber threats, it can analyze the behavior of programs. Solving the problem of modeling good behavior “manually” is almost impossible. Artificial intelligence can process significant amounts of data and automatically generate basic models of normal behavior and distinguish malicious code.
Comodo Group is an American software company. It is one of the largest certificate providers, offering free certificates for personal email. It was founded in 1998.
PS A few materials on the topic from our blog:
According to Kaspersky Lab, they were able to detect and repel 45 thousand attacks of the WannaCry worm in more than 74 countries. And Petya, whose new iteration (NotPetya) appeared on June 27, hit 2,000 companies with EternalBlue . / Flickr / Christoph Scholz / CC Most often, infections occurred
with the help of trojans - 5.8 million cases. They are followed by worms - 4.5 million infections and 2.6 million traditional viruses. It also revealed 209 thousand uses of backdoors.
"Infections" were recorded in 236 of 253 top-level domains. The leaders in the number of attacks were Russia, Indonesia and the Philippines. The United States took first place in the number of infections with the Trojan horses.
As claimed in Comodo, viruses and worms are the most common in countries with weak economies, as well working in poorly protected networks. Backdoors, on the other hand, were more common in rich countries and were of a targeted nature: in Australia, Great Britain and Japan.
Therefore, many states are strengthening their work in the field of combating cybercrime. Holger Muench, president of the German Federal Criminal Police Office, calls for tougher laws to combat darknet cybercrime and other criminal groups. And Japan is launching several training centers to train security specialists and research on cybergurosis.
In the United States, Georgia Rep. Tom Graves has introduced a bill providingvictims of ongoing cyber attacks have broader rights to respond. In particular, victims of hacker activity will be able to take aggressive countermeasures to protect their information, that is, to crack intruder systems in response. The document also describes “active cyber defense measures,” which are understood as: the identification of the offender and the transfer of this information to law enforcement agencies.
Russia also takes part in the global fight against cybercrime by presenting the draft UN convention “On cooperation in the field of combating information crime”. It describes the technical and legal interaction of the parties in the field of information and communication technologies.
What to expect by the end of the year
According to RAEC forecasts and a report on current cyber threats from Positive Technologies, the number and complexity of attacks will only grow . There is even the likelihood of another major DDoS attack, as ransomware leasing services continue to gain popularity. Attacks will evolve in environments such as cloud technology and mobile software.
It is worth noting that the danger is also threatened by IoT technologies. According to Nexusguard, the growth in the number of attacks on IoT networks has grown by 380% over the past six months. This is due to both the growing popularity of IoT and the vulnerability of technology. You can read more about other trends in cyber threats here and here .
Experts note that the main reasons for the increase in the number of attacks are the backlog of security systems technologies, tensions between some countries within the framework of world politics, the lack of IT professionals and the improvement of methods and techniques of attacks themselves (we wrote more about this here ).
/ Flickr / henri bergius / cc
Intelligent Security Techniques
Security experts continue to remind you of the importance of maintaining IT hygiene: strong passwords, employee training, and not storing important information in the mail. However, they are also convinced that a high level of protection can be achieved by eliminating the influence of the human factor. Therefore, they turn to machine learning capabilities and artificial intelligence systems.
One such smart solution isDeep Instinct, which uses deep learning to recognize malicious code. Developers selected millions of files of all varieties, classified them, and donated them to the network for training. The end result was a forecasting model that the company called instinct. The solution can detect zero-day vulnerabilities, new malware, and sophisticated targeted cyber attacks (APTs).
Another way to fight for security with AI was introduced by Microsoft. They created a developer tool - Microsoft Security Risk Detection - that looks for bugs and vulnerabilities in upcoming software.
According to Microsoft researcher David Molnar (David Molnar), to conduct fuzzing companies usually hire security experts. But as the volume of software created and used has increased, testing has become more complicated. At the same time, the importance of this task has grown several times due to the rapid increase in the number of cyberattacks.
Molnar says that the tool automates the same algorithm that we use to find an error, it only works on a different scale thanks to the cloud. Read more about it here .
Representatives of the company also said that Windows Defender in the new Creators Update for Windows uses the capabilities of artificial intelligence to protect against malware.
Although AI is not yet able to eliminate all potential cyber threats, it can analyze the behavior of programs. Solving the problem of modeling good behavior “manually” is almost impossible. Artificial intelligence can process significant amounts of data and automatically generate basic models of normal behavior and distinguish malicious code.
About Comodo Group
Comodo Group is an American software company. It is one of the largest certificate providers, offering free certificates for personal email. It was founded in 1998.
PS A few materials on the topic from our blog: