Mobile malware exploded during the first quarter of 2017 as global infection rates increased by 57%, with mobile malware having grown 79% in the past four quarters.
The Mac OS has not been able to hide from this onslaught either, with malware samples also growing 53% thanks to adware.
Unsurprisingly ransomware has also been gaining momentum, increasing by 59% in the last four quarters, amassing to 9.6 million samples according to a new McAfee report.
Given the rise in frequency of these cyber attacks, there was a congruent 53% increase in publically disclosed security incidents in Q1, of which there were 301. The health sector was among the most affected areas, bearing the brunt of 50% of total incidents alongside the education and public sectors.
The health sector has repeatedly proven weak to cyber attacks, with the NHS in particular being at the centre of major news regarding cyber security, most notably the recent WannaCry ransomware attack.
Raj Samani, chief scientist and fellow at McAfee said: “Everyone puts cyber in front of everything. Cyber-bully, cyber-security, cyber-crime. In turn, people assume it’s a different field, outside of their control or a risk that can’t reach them. It is crime, full stop. The fact that attackers use USB sticks to rob a bank instead of a gun means nothing. The sooner we recognise that we’re dealing with real crime and real criminals, and not simply an IT issue, the better.”
The viewpoint expressed by Raj Samani here is beginning to gain traction within organisations, as board members, chief executives, and other departments realise they can no longer sweep the problem under the IT rug.
Vincent Weafer, Vice President of McAfee Labs said: “There are hundreds, if not thousands, of anti-security, anti-sandbox, and anti-analyst evasion techniques employed by hackers and malware authors, and many of them can be purchased off the shelf from the Dark Web… This quarter’s report reminds us that evasion has evolved from trying to hide simple threats executing on a single box, to the hiding of complex threats targeting enterprise environments over an extended period of time, to entirely new paradigms, such as evasion techniques designed for machine learning based protection.”