IoT malware and ransomware attacks on the incline: Intel Security

Intel Security has released a five-year retrospective report on industry threats, finding people have become dependent on devices at the cost to their security and privacy, allowing malware and ransomware attacks to rapidly grow.
Written by Asha Barbaschow, Contributor

Graphics processing units (GPU)-based malware and ransomware attacks are growing rapidly, due to the increase in data, bigger networks, and the Internet of Things (IoT), according to Intel Security's five-year retrospective threat report.

The report [PDF], titled McAfee Labs Threats Report: August 2015, takes a look at GPU malware claims, online criminal exfiltration techniques, and the evolution of the threat landscape since 2010. It compares what researchers thought would have happened five years ago to what has happened in hardware and software security threats.

"We all thought that more users, more data, bigger networks, and many more types of devices and other targets like the cloud, combined with more attacks, clever new malware, and increasingly sophisticated actors were creating a perfect security storm," the report said.

"Most of these predictions came true. If anything, the adoption of cloud computing, IoT devices, and mobile devices moved faster than we expected; our 2010 prediction of 31 billion internet-connected devices by 2020 now seems an underestimate."

The report also said people have become dependent on devices in their environments, and are willing to sacrifice security and privacy.

"Consumers have very quickly adopted cool technology, we did it with mobile phones, then smartphones, tablets, and now wearables.

"We believed -- and continue to believe -- that whenever enough devices of a certain type create a lucrative market, attacks on those devices will begin."

According to Intel Security, IoT devices are just beginning to be exploited. The report found the variety of devices, operating systems, and versions provides a near-term resistance to attacks, as few have a large enough installed-base to attract online thieves.

"We are seeing just the beginnings of attacks and breaches against them," Intel Security said.

"It is only a matter of time until IoT device threats are widespread. Attackers are not after the devices themselves, but the data or gateway capability that they enable -- [they] want the easiest way in, and these devices often provide under-defended access to target-rich networks."

Intel Security said it analysed real-world attack patterns in the second quarter of 2015, which provided insight into the attack volumes that customers were experiencing.

The analysis found that ransomware continued to grow rapidly, with the number of new ransomware samples rising 58 percent in Q2. According to Intel Security, the total number of ransomware samples also grew by 127 percent year-on-year, with the company attributing the increase to fast-growing new families such as CTB-Locker and CryptoWall.

"Only one year in, the Cryptowall ransomware has already claimed $18 million from computer users, and it's only likely that this will continue," Mike Sentonas, vice president and CTO, Security Connected, Intel Security said.

"Paying attention to cyber security has never been more important and we fully expect to see a rise in attacks across both personal and corporate environments in the next quarter and beyond."

The analysis also found that every hour more than 6.7 million attempts were made to entice customers into connecting to risky URLs, via emails and browser searches; more than 19.2 million infected files were exposed to customers' networks; an additional 7 million PUPs attempted installation or launch; and 2.3 million attempts were made by its customers to connect to risky IP addresses or those addresses attempted to connect to customers' networks.

The release of the report marks the five-year anniversary since Intel Security purchased McAfee for $7.7 billion.

"Five years ago, we saw security as a looming impediment," Intel Security said of the purchase.

"If people started to lose confidence in their devices, connections, or services because of the loss of privacy, security, or even safety, it would slow the rest of the market.

"Unlike some of the hardware-specific issues that were straightforward for Intel to address organically, we concluded that we could not do this alone, and that we needed McAfee's security expertise to help remove that growth barrier."

Editorial standards