Threat actors turning their attention to wipers
Kaspersky Lab brought together company experts, journalists and business guests from the Middle East, Turkey and Africa for its annual Cyber Security Weekend that took place on April 26-29 in Vienna. The company’s experts gave an overview of global and regional cyberthreats and security trends, discussed the main threat vectors affecting businesses in the region, particularly organizations from industrial and financial sectors. Special attention was paid to protection of connected devices used by individuals, businesses and governments as part of smart cities.
“In the first quarter of 2017 we saw threat actors turning their attention to wipers, as well as financial crime. Fileless malware has been used in attacks by both targeted threat actors and cybercriminals in general – helping them to avoid detection and make forensic investigations harder. At the event we gave an example of the ‘invisible’ attacks used in the ATMitch campaign, which once again proves the importance of proper security solutions, security intelligence and carefully directed incident response,” said Ghareeb Saad, Senior Security Researcher, Global Research & Analysis Team, Kaspersky Lab.
At the event Kaspersky Lab also announced the renewed Kaspersky Anti Targeted Attack Platform, a solution to detect advanced threats and targeted attacks for enterprises. It blends advanced machine learning algorithms, actionable worldwide threat intelligence and adaptivity to customer infrastructure, to help large businesses uncover the most sophisticated and damaging attacks at any stage of their development.
Kaspersky Security Network (KSN) statistics for the first quarter of 2017 were revealed at the conference showing that Algeria had the highest number of users (66.5%) affected by local threats (malware spread in local networks, by USBs, CDs, DVDs), followed by Morocco (59%), Tunisia (57.9%), and Egypt (52.8%). In the Middle East, users in Oman (54.6%) were the worst affected, followed by those in Saudi Arabia (53.1%) and Qatar (49.8%).
In January-March 2017, the highest numbers of web threat incidents were reported in the same countries in Africa – Algeria (38.1% of KSN users), Tunisia (32.4%) and Morocco (26.1%), followed by Egypt (23.5%). In the Middle East the countries experiencing most threats were Qatar (29.7%), Saudi Arabia (24.2%), and the UAE (23.6%). South Africa had some of the lowest numbers of affected users in the META region (46.8% for local and 12.9% for web threats). In Turkey 18.8% of KSN users were affected by web threats and 47.1% by incidents related to local threats.
The number of ransomware notifications in the region increased 36% compared to the first quarter of last year, and according to Kaspersky Lab experts will continue to grow due to the increased availability in the cybercriminal ecosystem of ransomware as a service. Kaspersky Security Network registered over two times more banking Trojans (121% increase) than it did in the same period of 2016, while the amount of mobile infection attempts stopped by Kaspersky Lab’s products increased 1.5 times.
Shehab Najjar, Head of Cyber Counter Terrorism Unit, CYBERPOL, who was a special guest at the event and gave a keynote presentation, commented: “Legislation on cybercrime is still being developed globally and in META. At the same time, with the advance of information technologies there appear more threat vectors both for home users and organizations. For that reason, raising cybersecurity awareness by giving overviews and advice, such as that given at Kaspersky Cyber Security Weekend, plays an important part in securing the Internet.”