Comodo Group Reports a Fourfold Increase In The Number of Cyber Threats
Comodo Group Inc. reports that in the second quarter of this year the number of malicious programs increased almost 4 times compared with the first quarter. According to the report, the number of infections increased from 25 million to 97 million.
According to Kaspersky Lab, they managed to detect and repel 45 thousand WannaCry worm attacks in more than 74 countries. And Petya, a new iteration of which (NotPetya) appeared on June 27, hit 2,000 companies with the help of EternalBlue.
- More often, infections occurred with the help of Trojans – 5.8 million cases. They are followed by worms – 4.5 million infections and 2.6 million traditional viruses. It was also revealed 209 thousand backdoor exploits.
“Malicious” were recorded in 236 of 253 top-level domains. Leaders in the number of attacks were Russia, Indonesia, and the Philippines. The United States took the first place in terms of the number of infections “Trojan horses”.
- According to Comodo, viruses and worms are most often found in countries with a weak economy, because they work well in poorly protected networks. Backdoors, however, were more common in rich countries and were of a targeted nature: in Australia, the United Kingdom, and Japan.
Therefore, many states are strengthening their work in the field of countering cybercrime. Holger Muench, president of the Federal Office of the German Criminal Police, calls for stricter laws to combat cybercrime in darknet and other criminal groups. And Japan is launching several training centers for the training of security experts and research on cyber urges.
- In the US, member of the House of Representatives of Georgia, Tom Graves (Tom Graves) introduced a bill that provides victims of ongoing cyber attacks with broader rights regarding retaliation. In particular, victims of the activities of hackers will be able to take aggressive countermeasures to protect their information, that is, hack systems of intruders in response. The document also describes “active measures of cyber defense”, which include: the establishment of a criminal and the transfer of this information to law enforcement agencies.
Canada also takes part in the world struggle against cybercrime, presenting the draft UN Convention on Cooperation in the Sphere of Counteracting Information Crime. He describes the technical and legal interaction of the parties in the field of information and communication technologies.
What to expect by the end of the year
According to the forecasts of the RAEC and the report on the actual cyber threats from Positive Technologies, the number and complexity of the attacks will only grow. There is even the possibility of another major attack such as DDoS, as the services-extortionists in renting Trojans for rent continue to gain popularity. Attacks will evolve in environments such as cloud technologies and mobile software.
- It is worth noting that the danger threatens and IoT-technologies. According to Nexusguard, the increase in the number of attacks on the IoT-network has increased by 380% in the last six months. This is due to both the growing popularity of IoT, and the vulnerability of technology. More information about other trends in cybernauts can be read here.
Experts note that the main reasons for the increase in the number of attacks are the backlog of security systems technologies, tense relations between some countries within the world politics, the deficit of IT professionals and the improvement of methods and techniques of attacks themselves (more about this we wrote here).
Intellectual methods of protection
Security experts continue to recall the importance of adherence to IT hygiene: reliable passwords, employee training, the refusal to store important information in the mail. However, they are also convinced that a high level of protection can be achieved by eliminating the influence of the human factor. Therefore, they turn to the possibilities of machine learning and artificial intelligence systems.
- One such intelligent solution is Deep Instinct, which uses deep training to recognize the malicious code. The developers selected millions of files of all varieties, classified them and sent the networks for training. The end result was the forecasting model, which the company called “instinct.” The solution can detect zero-day vulnerabilities, new malware and sophisticated targeted cyber attacks (APT).
Another way to fight for security with the help of AI was introduced by Microsoft. They created a tool for developers – Microsoft Security Risk Detection – which looks for errors and vulnerabilities in software that is preparing for release.
According to Microsoft researcher David Molnar (David Molnar), companies are usually hired by security experts to conduct fuzzing. But as the volume of created and used software has increased, testing has become more complicated. At the same time, the importance of this task has grown several times because of the rapid growth in the number of cyber attacks.
- Molnar states that the tool automates the same algorithm that we use to find the error, only works on a different scale thanks to the cloud. More about it you can read here.
Representatives of the company also said that Windows Defender in the new update Creators Update for Windows uses the capabilities of artificial intelligence to protect against malicious software.
Let AI not yet be able to eliminate all potential cyber threats, it can analyze the behavior of programs. It is almost impossible to solve the problem of modeling good behavior manually. Artificial intelligence can also handle large amounts of data and automatically generate basic models of normal behavior and distinguish malicious code.
About Comodo Group
Comodo Group is an American software company. It is one of the largest certificate providers, offering free certificates for personalized e-mail. It was founded in 1998.