As businesses try to comply with new European Union privacy laws that come into force this year, they are set to face increased ransomware, cryptocurrency mining and business email compromise (BEC) extortion attacks, a report said on Wednesday. Also Read - Biggest Bitcoin scam: Bill Gates, Jeff Bezos, and other major Twitter accounts hacked
Cybercriminals will try to extort money from enterprises by first determining the General Data Protection Regulation (GDPR) penalty that could result from an attack, and then demanding a ransom of slightly less than that fine, which CEOs might opt to pay, said the report from global cybersecurity leader Trend Micro. Also Read - Supercomputers across Europe were hacked to mine cryptocurrency: Report
ATM attacks, BEC and targeted attacks were some of the stealthier security challenges faced by enterprises in 2017. “With more people using online transactions, there has been a growth in the number of hackers. Also Read - Cryptocurrency ban lifted in India; Here is everything that we know
We have seen an increase in those vulnerabilities being announced and lot of them getting compromised,” Nilesh Jain, Vice President, South East Asia and India, Trend Micro, said in a statement. “Major outbreaks that caused global infections made headlines well into the year, proving that ransomware was still a burdensome threat for individuals and enterprises,” he added.
The GDPR regulation by the European Parliament comes into force on May 25 this year. The new report, titled “The Paradox of Cyberthreats”, revealed a 32 per cent increase in new ransomware families from 2016 to 2017. It also highlighted a doubling of BEC attempts between the first and second half of 2017 and soaring rates of cryptocurrency mining malware, peaking at 100,000 detections in October last year.
“The report reveals a threat landscape, with cybercriminals increasingly finding they’re able to gain more — whether it’s money or data or reputation damage — by strategically targeting companies’ most valuable assets,” added Jon Clay, Director of Global Threat Communications for Trend Micro.
“Businesses need a cross-generational security solution that uses a blend of proven security protections with the best new defences to mitigate risk effectively,” he added. Vulnerable IoT devices are also a major security risk across several trending threats. Trend Micro detected more than 45.6 million cryptocurrency mining events during the year, representing a large percentage of all IoT events observed.