Trend Micro has released their 2015 Q1 Security Roundup report. It makes for some interesting reading. While we recommend that you click through and read the full report for yourself, here are some of the main points:
- None of the prominent threats in the early part of 2015 were new…yet they were still effective. That suggests we still have a lot of work to do in educating our users about what not to do in order to stay safe online.
- “Malvertising” was a major issue. It’s particuarly dangerous in that it doesn’t require people to actually click on a link – the malware is downloaded when an online ad is displayed.
- A lot of metaphorical rocks have been thrown at Apple over the (sometimes long and drawn-out) vetting process for getting an app listed in their app store. But the dangers of not having a thorough vetting process were demonstrated once again when mobile attackers were able to slip disguised adware into Google Play ™.
- “Crypto-ransomware” infection counts increased by a factor of 5x – from 1,540 in 2014 Q1 to 7,844 in 2015 Q1. Some variants directly target enterprises by encrypting files in network shares.
- Malware in the form of macros for Office apps also increased by almost a factor of 5x – from 19,842 in 2014 Q1 to 92,837 in 20115 Q1. This is an area that clearly demands more user training, as many infections were transmitted via email attachments where the recipients were instructed to enable macros in order to read the attachments.
- Healthcare data is the “holy grail” of data theft, because it frequently includes social security numbers which are arguably much more valuable to a criminal than a credit card number that can only be used until the card is cancelled.
It’s still a dangerous world out there…surf safely, my friends!