Use of malware, botnets and exploits expands

Issue 3 2022 News

Nuspire, a managed security services provider (MSSP), has announced the release of its Q1 2022 Threat Report. The report outlines new cybercriminal activity and tactics, techniques and procedures (TTPs), as well as provides data and insight into malware, exploit and botnet activity.

Nuspire’s data revealed a significant number of new vulnerabilities leading to increases in threat actor activity across all three of the threat classifications it studies: malware, botnets and exploits. Of note are several older botnets that saw a resurgence in Q1, including Mirai, STRRAT and Emotet.

Mirai, known for co-opting IoT devices to launch DDoS attacks, showed a spike in activity in February 2022 (https://en.wikipedia.org/wiki/Mirai_(malware)). This corresponded with the discovery of Spring4Shell, a zero-day attack on popular Java web application framework, Spring Core. The attack allows for unauthenticated remote code execution and data shows Mirai exploited this vulnerability to its botnet.

STRATT botnet, which engages in information stealing, keystroke logging and credential harvesting from browsers and email clients, also spiked in February. This data corresponds with recent announcements identifying a new STRRAT phishing campaign.

“With Q4 2021 being a quieter quarter for cyberattacks we predicted Q1 2022 would see a rebound and our data proves that,” said J.R. Cunningham, chief security officer at Nuspire. “As zero-day attacks and numerous other vulnerabilities among big-name companies like Google and Microsoft come to light, threat actors are quickly adjusting their tactics and these exploits tend to get industry attention, but the threat posed by older and well-understood attacks still persists. It’s critical businesses of all sizes understand the costliness of these attacks and fortify their security posture accordingly.”

Additional notable findings from Nuspire’s Q1 2022 Threat Report include:

• Incidences of malware, botnet and exploit activity increased 4,76%, 12.21% and 3,87% respectively over Q4 2021.

• Visual Basic Applications (VBA) trojans continue to be the top malware variant, comprising nearly 30% of all malware variants. Of note is its activity spiked just prior to Microsoft’s announcement of plans to block VBA macros by default on Office products.

• Brute force attacks – when threat actors guess different combinations of potential passwords until the correct password is discovered – were by far the most popular exploit at 61%.

“Securing expanded risk surfaces today requires that organisations have 20/20 hindsight combined with an over-the-horizon view of current and potential future threats,” said Craig Robinson, program director for security services at IDC. “Understanding the tactics, techniques and procedures (TTPs) that attackers have historically utilised does not lose value over time, as many of these exploits get repeated with slight twists to make them dangerous zero-day exploits. Combining this historical knowledge with curated threat intelligence that shows the current threat landscape is vital for organisations to survive in these dangerous times.”

The report can be downloaded at www.nuspire.com/resources/q1-2022-threat-report/




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Spend on cloud to accelerate across Africa in 2023
News
More than two-thirds of companies using cloud computing across major African markets plan to increase their spending on cloud services in 2023.

Read more...
ChatGPT’s impacts will be social, not technical
News
ChatGPT is truly a remarkable achievement, an artificial intelligence (AI) that you can have a conversation with and ask to do everything from writing essays to coding computer programs.

Read more...
Artificial intelligence in Africa: levelling the narrative
News
While AI can benefit multiple industries, in Africa the key sectors that stand to gain are financial services (specifically fintech) and agriculture.

Read more...
Improving data security for a hybrid society
News
Researchers from Tokyo University of Science develop a method that can perform computations with encrypted data faster and at a lower cost than conventional methods, while also improving security.

Read more...
Cybersecurity in 2023: The latest trends and developments
News
In 2023, experts predict that several trends will shape the cybersecurity landscape, including the growing use of artificial intelligence (AI), the increasing focus on the Internet of Things (IoT), and the rise of quantum computing.

Read more...
SAN market set for growth
Technews Publishing News IT infrastructure
Storage-area network (SAN) market to hit US$ 26,86 billion in revenue by the end of 2029 due to factors like widespread adoption of Hybrid SAN-NAS solutions.

Read more...
Enterprise threats in 2023
News Cyber Security
Large businesses and government structures should prepare for cybercriminals using media to blackmail organisations, reporting alleged data leaks, and purchasing initial access to previously compromised companies on the darknet.

Read more...
Trends in the proptech industry for 2023
News
By mixing real estate with technology to optimise industries, create new ones, and generate efficiencies or capabilities that improve revenue generation, something as fundamental as the concept of parking has been turned on its head.

Read more...
31 percent of all IoT SIMs managed with third-party IoT CMPs
News Integrated Solutions
Berg Insight recently released new findings about the market for IoT connectivity management platforms (CMPs), a standard component in the value proposition from mobile operators and IoT MVNOs around the world.

Read more...
Off-highway vehicle telematics systems
News
The installed base of off-highway vehicle telematics systems to reach 12.2 million units worldwide by 2026, says Berg Insight.

Read more...