Comodo Group reports a fourfold increase in the number of cyber threats
Comodo Group Inc. reports that in the second quarter of this year, the number of malicious programs increased by almost 4 times compared with the first quarter. According to the report , the number of infections increased from 25 million to 97 million.
According to Kaspersky Lab, they managed to detect and repel 45 thousand attacks of the WannaCry worm in more than 74 countries. And Petya, whose new iteration (NotPetya) appeared on June 27, hit 2,000 companies with EternalBlue .
/ Flickr / Christoph Scholz / CC
')
Most often, infections occurred with the help of Trojans - 5.8 million cases. They are followed by worms - 4.5 million infections and 2.6 million traditional viruses. It was also revealed 209 thousand use backdoors.
"Infections" were recorded in 236 of 253 top-level domains. The leaders in the number of attacks were Russia, Indonesia and the Philippines. The United States ranked first in the number of infections with Trojan horses.
As stated in Comodo, viruses and worms are most common in countries with weak economies, because they work well in weak networks. Backdoors, on the other hand, were more common in rich countries and were targeted in Australia, Britain and Japan.
Therefore, many states strengthen their work in the field of countering cybercrime. Holger Muench, president of the German Federal Criminal Police Office, calls for tougher laws to combat cybercrime on the darknet and other criminal groups. And Japan launches several training centers to train security specialists and cyberguroz research.
In the US, Rep. Tom Graves (Tom Graves) introduced a bill that gives victims of ongoing cyber attacks more extensive response rights. In particular, victims of hackers will be able to take aggressive countermeasures to protect their information, that is, hack into the systems of intruders in response. The document also describes “active cyber defense measures”, which implies: the establishment of a criminal and the transfer of this information to law enforcement agencies.
Russia is also taking part in the global fight against cybercrime by submitting a draft UN convention on cooperation in the field of countering information crime. It describes the technical and legal interaction of the parties in the field of information and communication technologies.
According to the forecasts of RAEC and the report on current cyber threats from Positive Technologies, the number and complexity of the attacks will only grow . There is even the possibility of another major attack such as DDoS, as extortion services for leased Trojans continue to gain popularity. Attacks will evolve in environments such as cloud technologies and mobile software.
It is worth noting that the danger threatens and IoT-technologies. According to Nexusguard, the growth in the number of attacks on IoT networks has increased by 380% over the past six months. This is due to both the growing popularity of IoT and the vulnerability of technology. You can read more about other trends in cyber threats here and here .
Experts note that the main reasons for the increase in the number of attacks are the lag in security systems technology, the tense relations between some countries within world politics, the lack of IT professionals and the improvement of the methods and techniques of the attacks themselves (we wrote about it here ).
/ Flickr / Henri Bergius / CC
Security experts continue to remind you of the importance of IT hygiene: strong passwords, employee training, not storing important information in the mail. However, they are also convinced that a high level of protection can be achieved by eliminating the influence of the human factor. Therefore, they turn to machine learning opportunities and artificial intelligence systems.
One such intelligent solution is Deep Instinct, which uses deep learning to recognize malicious code. The developers selected millions of files of all varieties, classified them, and transferred the networks for training. The end result was a prediction model, which the company called "instinct." The solution can detect zero-day vulnerabilities, new malware and sophisticated target cyber attacks (APT).
Another way to fight for security with AI was introduced by Microsoft. They created a tool for developers - Microsoft Security Risk Detection - that looks for bugs and vulnerabilities in the upcoming release.
According to Microsoft researcher David Molnar, companies usually hire security experts to fuzz. But since the amount of software being created and used has increased, testing has become more complicated. At the same time, the importance of this task has grown several times due to the rapid growth in the number of cyber attacks.
Molnar states that the tool automates the same algorithm that we use with you to find the error, only works on a different scale thanks to the cloud. Read more about it here .
Representatives of the company also said that Windows Defender in the new update Creators Update for Windows uses the capabilities of artificial intelligence to protect against malware.
Let AI not be able to eliminate all potential cyber threats, he can analyze the behavior of programs. To solve the problem of modeling good behavior "manually" is almost impossible. Artificial intelligence can process significant amounts of data and automatically generate basic patterns of normal behavior and distinguish between malicious code.
Comodo Group is an American software company. It is one of the largest providers of certificates, offering free certificates for personalized email. Founded in 1998.
PS Some materials on the topic from our blog:
According to Kaspersky Lab, they managed to detect and repel 45 thousand attacks of the WannaCry worm in more than 74 countries. And Petya, whose new iteration (NotPetya) appeared on June 27, hit 2,000 companies with EternalBlue .
/ Flickr / Christoph Scholz / CC
')
Most often, infections occurred with the help of Trojans - 5.8 million cases. They are followed by worms - 4.5 million infections and 2.6 million traditional viruses. It was also revealed 209 thousand use backdoors.
"Infections" were recorded in 236 of 253 top-level domains. The leaders in the number of attacks were Russia, Indonesia and the Philippines. The United States ranked first in the number of infections with Trojan horses.
As stated in Comodo, viruses and worms are most common in countries with weak economies, because they work well in weak networks. Backdoors, on the other hand, were more common in rich countries and were targeted in Australia, Britain and Japan.
Therefore, many states strengthen their work in the field of countering cybercrime. Holger Muench, president of the German Federal Criminal Police Office, calls for tougher laws to combat cybercrime on the darknet and other criminal groups. And Japan launches several training centers to train security specialists and cyberguroz research.
In the US, Rep. Tom Graves (Tom Graves) introduced a bill that gives victims of ongoing cyber attacks more extensive response rights. In particular, victims of hackers will be able to take aggressive countermeasures to protect their information, that is, hack into the systems of intruders in response. The document also describes “active cyber defense measures”, which implies: the establishment of a criminal and the transfer of this information to law enforcement agencies.
Russia is also taking part in the global fight against cybercrime by submitting a draft UN convention on cooperation in the field of countering information crime. It describes the technical and legal interaction of the parties in the field of information and communication technologies.
What to expect by the end of the year
According to the forecasts of RAEC and the report on current cyber threats from Positive Technologies, the number and complexity of the attacks will only grow . There is even the possibility of another major attack such as DDoS, as extortion services for leased Trojans continue to gain popularity. Attacks will evolve in environments such as cloud technologies and mobile software.
It is worth noting that the danger threatens and IoT-technologies. According to Nexusguard, the growth in the number of attacks on IoT networks has increased by 380% over the past six months. This is due to both the growing popularity of IoT and the vulnerability of technology. You can read more about other trends in cyber threats here and here .
Experts note that the main reasons for the increase in the number of attacks are the lag in security systems technology, the tense relations between some countries within world politics, the lack of IT professionals and the improvement of the methods and techniques of the attacks themselves (we wrote about it here ).
/ Flickr / Henri Bergius / CC
Intellectual protection methods
Security experts continue to remind you of the importance of IT hygiene: strong passwords, employee training, not storing important information in the mail. However, they are also convinced that a high level of protection can be achieved by eliminating the influence of the human factor. Therefore, they turn to machine learning opportunities and artificial intelligence systems.
One such intelligent solution is Deep Instinct, which uses deep learning to recognize malicious code. The developers selected millions of files of all varieties, classified them, and transferred the networks for training. The end result was a prediction model, which the company called "instinct." The solution can detect zero-day vulnerabilities, new malware and sophisticated target cyber attacks (APT).
Another way to fight for security with AI was introduced by Microsoft. They created a tool for developers - Microsoft Security Risk Detection - that looks for bugs and vulnerabilities in the upcoming release.
According to Microsoft researcher David Molnar, companies usually hire security experts to fuzz. But since the amount of software being created and used has increased, testing has become more complicated. At the same time, the importance of this task has grown several times due to the rapid growth in the number of cyber attacks.
Molnar states that the tool automates the same algorithm that we use with you to find the error, only works on a different scale thanks to the cloud. Read more about it here .
Representatives of the company also said that Windows Defender in the new update Creators Update for Windows uses the capabilities of artificial intelligence to protect against malware.
Let AI not be able to eliminate all potential cyber threats, he can analyze the behavior of programs. To solve the problem of modeling good behavior "manually" is almost impossible. Artificial intelligence can process significant amounts of data and automatically generate basic patterns of normal behavior and distinguish between malicious code.
About Comodo Group
Comodo Group is an American software company. It is one of the largest providers of certificates, offering free certificates for personalized email. Founded in 1998.
PS Some materials on the topic from our blog:
Source: https://habr.com/ru/post/338482/
All Articles