Three-quarters of all malware is because of Phishing attacks

With phishing widely used now as a mechanism for distributing of major ransomware, a new NTT Security has revealed that 77% of all detected ransomware globally was in just four main sectors – business and professional services (28%), healthcare (15%), government (19%), and retail (15%).

While the technical attacks on the latest vulnerabilities tend to dominate the media, many of these attacks rely on the less technical means. According to GTIR, the phishing attacks were responsible for almost three-quarters (73%) of all of this malware delivered to organisations, with business & professional services (25%) and the government (65%) as the industry sectors are most likely to be attacked at a global level. When it comes to attacks by the country, the U.S. with 41%, Netherlands with 38% and France with 5% are the top three sources of phishing attacks.

This report also reveals that just around 25 passwords accounted for almost 33% of all the authentication attempts against the NTT Security honeypots in the last year. Over 76% of the log on attempts have included a password which is known to be implemented in Mirai botnet – a famous botnet comprised of the IoT devices, which are used to conduct, what were at present, the largest possible distributed denial of service (DDoS) attacks.

Attacks all around the world

DDoS attacks have represented less than 6% of attacks globally but they have accounted for over 16% of all the attacks from Asia and 23% of all the attacks from Australia.

Finance si also one of the most commonly attacked industry, subject to the 14% of all the attacks. The finance sector is the only sector to appear in top three in all of the geographic regions that are analysed, while the manufacturing appeared in the top three in the five of the six regions. Government (14%), Finance (14%) and manufacturing (13%) are the top three most usually attacked industry sectors.

“We identified more than six billion attempted attacks over the 12-month period – that’s around 16 million attacks a day – and monitored threat actors using nearly every type of attack,” said Steven Bullitt.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil