Non-Malware Attacks on the Rise, in the Shadow of Ransomware

Exterminator

Exterminator

Community Manager
Thread author
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
2016 saw attackers holding data for ransom at an alarming rate; but in conjunction with the rise of ransomware and the continued ubiquity of mass malware, attackers are increasingly utilizing non-malware attacks in an attempt to remain undetected and persistent in organizations’ networks.

According to Carbon Black data, these non-malware attacks are capable of gaining control of computers without downloading any files and are using trusted, native operating system tools (such as PowerShell) and exploiting running applications (such as web browsers and Office applications) to conduct malicious behavior.

In its end-of-year threat report, Carbon Black found that instances of severe non-malware attacks grew throughout 2016. And in any given 90-day period, about one-third of organizations are likely to encounter at least one severe, non-malware attack.
Instances of non-malware attacks leveraging PowerShell and Windows Management Instrumentation (WMI) grew throughout 2016. Such attacks spiked by more than 90% in the second quarter of this year (93.2%) and have stayed at escalated levels since. And, some leading attack campaigns in 2016, including PowerWare and the hack against the Democratic National Committee (DNC) leveraged non-malware attack vectors to carry out nefarious actions.

Meanwhile, the research also found that ransomware, which is on track to be an $850 million business in 2016 according to FBI data, has emerged as the fastest-growing malware across all industries in 2016.

When considering the total amount of ransomware seen this year, manufacturing companies (16% of total ransomware instances), utility/energy companies (15.4% of all ransomware instances) and technology companies (12.6% of all ransomware instances) led the way.

Locky emerged as the go-to ransomware family of 2016, used in one-quarter of all ransomware-based attacks. CryptoWall, CryptXXX, Bitman and Onion (CTB Locker) round out the top five ransomware families seen in 2016.

That said, it’s important to keep things in perspective, the report noted: “While ransomware continues to generate headlines, it is still only a piece of the overall malware scope. Even with its rapid growth, ransomware still only accounts for 2% of total malware seen in 2016. Locky, which was the most prevalent ransomware family seen in 2016 according to Carbon Black data, ranks 13th when stacked against other types of malware.”
Click to expand...

Some food for thought considering that Ransomware accounts for a very low percentage of the total malware.
 
  • Like
Reactions: DardiM, AtlBo, Der.Reisende and 4 others
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
    • Wow
    • +Reputation
September was a record month for ransomware attacks in 2023
Replies
0
Views
702
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
    • +Reputation
The Week in Ransomware - September 29th 2023 - Dark Angels
Replies
0
Views
1,275
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
    • +Reputation
The Week in Ransomware - May 19th 2023 - A Shifting Landscape
Replies
0
Views
1,069
News Archive
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top