Crime Marches On

What a long way we’ve come since the days of simply relying on firewalls. Just as threats have evolved—from an attack called Morris Worm to an attack called POODLE—so have the strategies and tools for both hackers and businesses, as the cyberwar rages on. When you look at the rate at which new malware is being crafted and the rate at which adequate security technologies are being embraced, there is a widening gulf. Accepting status quo or thinking past security efforts have you covered doesn’t cut it anymore. Developing a greater understanding of the threat landscape is a good and important first step.


The number of zero-day malware is growing, while the adoption of advanced technology such as sandboxing or threat emulation is still slow. What we’re seeing is nonstop proliferation. As we reported in our annual security report, in 2014, Check Point researchers saw 106 unknown malware per hour hit organizations compared with just 2.2 the year before. And, AV-Test, an anti-virus research firm, reported that unknown malware spiked to 142M from 83M the previous year.


In some ways, this should be no surprise. It is shockingly easy to create malware. To prove that point, Check Point conducted a test in which we created 300 new malware just by selecting known malware files from VirusTotal, and adding a null at the end of each PDF and doc file. Then, an unused header section was modified on each executable file. This simple procedure turned the known malware into unknown malware, flying under the radar of existing signatures.


In this war of cyberinfections, hackers often rely on armies of bots to help extend their reach. In fact, during 2014, our researchers saw that 83 percent of enterprises were infected with bots. What some businesses don’t realize is that all it takes is for a single endpoint to download malware that installs a bot, which leads to an organization-wide bot infection. Once inside the network, attackers can spread from computer to computer. From there, they can take control of PCs and orchestrate criminal or unwanted actions without anyone knowing.


One of the ways bots are unleashed is through distributed denial of service (DDoS) attacks. In the past year, DDoS was the top vector and accounted for 60 percent of all attacks. The rate of these incidents is spiking, thanks to toolkits that can be found by just mousing around online. They’re not very expensive, and they’re also easy to use. As a result, a less-than-accomplished hacker can quite easily make a big impact. That’s why it has become the go-to tool for activists who take their protests online. Who needs to brave the elements and hope for attention and support when you can easily take down a domain with a DDoS protest?


Knowing how the latest tools and vectors influence cybercriminals is key to staying one step ahead—as is knowing the right strategies to protect your assets and infrastructure. To help bridge the gulf between cybercrime advances and smart security, and learn more about what Check Point researchers discovered in the past year, check out our annual security report.