IBM: Cybercriminals abandon ransomware for 'cryptojacking'

Jackie Drees - Print  | 

As more companies increase their cybersecurity measures and awareness, cybercriminals have started altering their techniques to focus more on return on investment, according to IBM's "2019 X-Force Threat Intelligence Index" report.

The report is based on observations from 70 billion security events that occurred per day between Jan. 1, 2018, and Dec. 31, 2018, across more than 130 countries. Data is analyzed from multiple sources, including IBM Managed Security Services and X-Force Incident Response and Intelligence Services.

Five things to know:

1. The report details two major shifts among cybercriminals: a decreased reliance on malware and a decline in ransomware attacks.

2. Cybercriminals have also increased "cryptojacking" attacks — the illegal use of an organization's or individual's computing power without their knowledge to mine cryptocurrencies. Cryptojacking nearly doubled the number of cyberattacks in 2018.

"One of the hottest commodities is computing power tied to the emergence of cryptocurrencies," Wendi Whitmore, IBM X-Force Incident Response and Intelligence Services global lead, said in a news release. "This has led to corporate networks and consumer devices being secretly highjacked to mine for these digital currencies."

3. Throughout 2018, ransomware attempts declined. In the fourth quarter of 2018, attempts to install ransomware on X-Force monitored devices were down 55 percent with respect to the first quarter, while cryptojacking attacks rose 450 percent in the same timeframe.

4. Targeted phishing campaigns accounted for 29 percent of cyberattacks in 2018. Of those phishing campaigns, business email compromise scams made up 45 percent of attacks.

5. In place of malware last year, cybercriminals leveraged common administration applications to gain illegal profits and evade detection in 57 percent of cyberattacks.

"If we look at the drop in the use of malware, the shift away from ransomware, and the rise of targeted campaigns, all these trends tell us that ROI is a real motivating factor for cybercriminals," Ms. Whitmore said. "We see that efforts to disrupt adversaries and make systems harder to infiltrate are working. While 11.7 billion records were leaked or stolen over the last three years, leveraging stolen personally identifiable information for profit requires more knowledge and resources, motivating attackers to explore new illicit profit models to increase their ROI."

Report authors concluded that organizations can increase cybersecurity preparedness through preventive measures such as threat hunting and risk management models.

To view IBM's full report and list of recommendations, click here.

More articles on cybersecurity:
Rutland Regional Medical Center employees' email accounts compromised in phishing attack
'Technology has left the healthcare industry more vulnerable to attack' — Senator questions trade groups on cybersecurity
'Data error' exposes 974,000 patient records at UW Medicine

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

To receive the latest hospital and health system business and legal news and analysis from Becker's Hospital Review, sign-up for the free Becker's Hospital Review E-weekly by clicking here.