To stay safe, today’s businesses must understand the types of cyberattacks they may encounter and how to implement strong cybersecurity practices. Do hackers play by the same rules across the globe? Shifting attack strategies and innovations in attack infrastructure keep security professionals like you and me employed. Read on to find out what’s keeping us up at night in Europe. The results from our Cisco Umbrella global network may surprise you.
Trojans, botnets and ransomware, oh my!
These threats increased tremendously in Europe over the first half of 2019, making organizations of all sizes vulnerable to attacks. What’s perhaps the most interesting is the resurgence of ransomware. Our customers see more ransomware traffic than any other geographic region. The top threats facing Europe reported drastic increases during the first half of 2019:
Threats on the rise:
- Malware 6x
- Cryptomining 6x
- Trojans 5.4x
- Botnets 6.3x
- Ransomware 4.1x increase
- Phishing 5.9x
Attack of the Trojans – the malicious dark horse of the Financial Services industry
Financial Services attract 50% of all malicious enterprise traffic, easily making it the most vulnerable industry to cybersecurity attacks. Anyone else find this surprising? Globally, this sector is viewed as more mature than others when it comes to planning and preparing for cybersecurity incidents. How did it become the biggest target in EMEA? The answer has to be that the attackers are simply following the money! These attacks often use an unpatched vulnerability or misconfigured system in hopes of accessing larger organisations with high volumes of sensitive data. The financial services sector in EMEA experienced a sizable increase in Trojan attacks since January, with a 4.1x increase.
Emotet hit Europe hard
Emotet, originally a banking trojan, has morphed over the years, and remains one of the most widely distributed and actively developed malware families in the game today. Its notoriety is not stopping attackers from using it to make more money. If it worked once… it’s going to work again. And organizations in Europe are seeing how much havoc Emotet can cause in their region. From January 2019 to June 2019, the use of Emotet increased by 198%. It has been more recently used with some larger-scale targeted ransomware infections, targeting financial services. But the financial sector is not the only industry being hit.
Manufacturing crippled by malicious cryptomining
According the Cisco Umbrella Global Network, the manufacturing industry accounts for 15% of all malicious traffic. This industry, along with energy/utilities, has been hit the hardest by malicious cryptomining. Cryptomining, the browser or software-based threat enables bad actors to hijack system resources to generate cryptocurrencies, is quite popular in EMEA. From January 2019 to June 2019, cryptomining traffic increased 6x. It’s an easy way for bad actors to generate cash while remaining anonymous. We believe these industries remain targets because they are less likely to patch and update their software – making them more susceptible to software exploits.
Local municipalities not immune to any malware
Local governments and municipalities get no reprieve from hackers – they seem to grapple with more threat traffic and more diversity of attacks than any other sector. Compared to other industries, they account for almost 12% of all malicious traffic. From botnets to ransomware, dropper files to exploit kits, it seems that hackers are targeting this sector because they believe variety is the spice that keeps security professionals jumping.
Reduce malware with Cisco Umbrella
As cloud use increases, organizations need a way to handle the corresponding growth in the number of threats, incidents, and breaches. Leveraging threat intelligence from Cisco Talos, one of the largest commercial threat intelligence teams in the world with more than 300 researchers, Umbrella uncovers and blocks a broad spectrum of malicious domains, IPs, URLs, and files that are being used in attacks. We also feed huge volumes of global internet activity into a combination of statistical and machine learning models to identify new attacks being staged on the internet.
Umbrella resolves more than 180 billion DNS requests daily, far more than any other security vendor. These insights gives our researchers a unique view of the internet to better identify trends and threats more quickly.