Malwarebytes: Channel Plays Vital Role in Fighting Malware, Ransomware
A new Check Point Research report shows a rapid increase in IoT cyberattacks.
Brian Kane, Malwarebytes’ director of global MSP programs, said malware poses a growing and very real danger to all fields, subsectors and the organizations within them.
“As a part of that, the channel stands in a truly unique position when it comes to the importance of adequate cybersecurity posture and protecting customers,” he said. “The unique challenge for the channel is the trickle-down effect of any chink in their armor. If channel partners can shore up their defenses, both proactive and reactive, in relation to the five most damaging malware threats, they will be in a better position to protect both their organizations and that of their customers.”
Jérôme Segura, senior director of threat intelligence at Malwarebytes, said LockBit was able to build its reputation and learn from others’ mistakes quite rapidly, while also changing the business model to put affiliates in charge of payments.
“Attackers are opportunistic and will match vulnerabilities or other exploitation tools with potential victims,” he said. “Having said that, not all victims are equal and threat actors (particularly with ransomware) will do a quick audit of a victim to assess how much money they might be able to ask and choose those likely to pay off the most first.”
Additionally, any business that deals with critical infrastructure, or whose products and services are tightly integrated into other industries, is more at risk because it simply cannot afford downtime, Segura said.
As for the remainder of 2023, Malwarebytes expects ransomware to “continue to be the most damaging threat followed closely by information stealers,” he said.
As channel partners make their way into 2023, they can stay ahead of the curve, according to Malwarebytes. They can do so by prioritizing the malware threats identified in the Malwarebytes report and implementing targeted defense strategies to protect clients against these risks.
In addition, they can educate their clients about the evolving threat landscape and help them develop a culture of security awareness within their organizations. And finally, they can continuously evaluate and optimize security offerings to ensure they meet the needs of clients and protect against the latest threats.
Cybercriminals are aware that IoT devices are notoriously some of the most vulnerable parts of the network, with most not properly secured or managed, according to Check Point. With IoT devices like cameras and printers, vulnerabilities and other unmanaged devices can allow direct access and significant privacy violations, giving attackers an initial foothold in corporate networks before they propagate inside the breached network.
The IoT devices attacked include a variety of common devices such as routers, IP cameras, digital video recorders (DVRs), network video recorders (NVRs), printers and more. IoT devices such as speakers and IP cameras have become increasingly common in remote work and learning environments, providing cybercriminals with a wealth of potential entry points.
One contributing factor to the increase in IoT cyberattacks is the rapid digital transformation that occurred in various sectors, such as education and health care, during the pandemic, according to Check Point. This transformation, driven by the need for business continuity, often took place without proper consideration of security measures, leaving vulnerabilities in place.
Omer Dembinsky, data group manager at Check Point Software Technologies, said schools and universities have large networks serving both employees and students. Having such a large and diverse population provides attackers with multiple entry points and propagation options.
Cybercriminals are succeeding in their attacks on IoT devices, Dembinsky said.
“We are also seeing devices and networks that have infections, for example of Mirai botnet, which can further spread and be used for additional malicious activity such as distributed denial of service (DDoS) attacks,” he said.
As technology continues to advance, so will the sophistication and frequency of cyberattacks, Dembinsky said.
“Cybersecurity providers can help organizations better protect their IoT devices from cybercriminals by helping organizations implement robust security measures, and providing insight about the latest threats and best practices,” he said.
As people and organizations increase the usage of smart devices connected to the network, there likely will be continuous efforts to utilize these devices as targets in cyberattacks, “thus we should expect to see this trend continue,” Dembinsky said.
MSPs, SIs, VARs and others have their hands full this year defending themselves and their customers from malware and ransomware, according to a new Malwarebytes report.
The channel plays a vital role in providing cybersecurity for companies around the globe. But as malware evolves and cyberattacks become more common, keeping up with the top threats to the channel can be difficult, according to the Malwarebytes report.
Also on Tuesday, Check Point Research released its latest findings highlighting a surge in IoT cyberattacks globally. The first two months of 2023 saw a 41% increase in the average number of weekly attacks per organization targeting IoT devices compared to 2022. Moreover, on average, every week 54% of organizations suffer from attempted cyberattacks targeting IoT devices.
Malwarebytes Report Highlights Key Threats
The Malwarebytes report highlights the following five top threats:
LockBit rose to dominion in 2022 and accounted for about one-third of all known ransomware-as-a-service (RaaS) attacks. LockBit’s largest known ransom demand in 2022 was $50 million, although multiple sources report even higher demands were made. LockBit’s victims included businesses of all sizes, from local law firms with a handful of employees to multinational enterprises like Thales Group and Continental.
Emotet is shapeshifting malware that is persistent, prolific, hard to detect and hard to eradicate. Emotet began life in 2014 as a banking trojan used to steal sensitive information. It now acts as a global-scale delivery network for malware, providing cybercriminal gangs with backdoor access to more than 1 million compromised computers.
SocGholish, also known as FakeUpdates, comes disguised as a critical browser update. It is used to gain initial access into an organization’s network. The foothold it creates is then sold to other criminals who use it to download remote access trojans (RATs) or conduct ransomware attacks.
Android droppers represent a category of malware that highlights the danger of overlooking protection for the world’s most popular operating system. In the battle against malware, Android is the forgotten front line. For individuals, stalkerware is the most dangerous threat. For businesses, it’s droppers.
OSX.Genieo is Malwarebytes’ detection name for a browser hijacker targeting macOS systems that behaves like adware. A browser hijacker is a malware program that modifies web browser settings without the user’s permission. It redirects the user to websites the user didn’t intend to visit.
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn.