Ransomware slowdown welcomed by security experts, but businesses can’t afford to relax just yet

Malware infections have dramatically dropped across Ireland, with the country now experiencing the lowest rate of infection in the world, a new study suggests.

Research from Microsoft’s Security Intelligence team revealed a decline in malware and ransomware in Ireland during 2018, although phishing attacks and cryptomining continued to flourish.

The data, collected from users of Redmond’s security products, suggested there was a 60% drop in malware attacks in Ireland between March and December 2018.

Clients reported malware encounter rates of just 1.26% in 2018 – the lowest rate globally.

Encounter rates are the percentage of devices running Microsoft real-time security products that report a malware infection, such as Windows Defender, in a given time period.

Despite the drop in malware, the report indicated that phishing attacks are increasing across Ireland, as cybercriminals look to profit from organizations with poor security practices.

Previous research by Microsoft determined that poor password hygiene and remote working in the private and public sector is putting Irish businesses at risk.

The new report suggests that malicious actors are taking advantage of this by using social engineering as their current favored attack vector.

Cryptomining has also increased, with an encounter rate of 0.12%. Although not a new phenomenon, it suggests that attackers are looking to make fast, easy money from their often unsuspecting targets.

Ransomware ‘still poses a significant threat’

Brian Honan, owner of BH Consulting based in Dublin, told The Daily Swig that although the decline in ransomware is a positive step, Irish businesses and organizations can’t afford to relax.

He said: “While the apparent reduction in ransomware attacks is welcome, we should not dismiss the threat immediately.

“From our experience working with our client base, ransomware still poses a significant threat and cost to businesses.

“It should be noted that previous years had significant numbers of ransomware attacks due to viruses such as NotPetya and WannaCry, which resulted in a huge spike in numbers of infections, so as a result the number of attacks seen recently may look significantly lower than previous years.

“We need to also remember that criminals will look at ways they can make money quickly and easily.

“Large ransomware campaigns can be costly to run, as they demand the resources to distribute the malware and to manage payments.

“Other forms of malware, such as cryptojacking, are where criminals are turning to, as they provide quicker returns.”

Honan also suggested that the recent increase in phishing attacks is likely to facilitate so-called payment redirection fraud, whereby attackers impersonate senior staff to trick employees into transferring huge sums into their bank accounts.

He added: “Organizations cannot let their guard down simply because of a lull in one type of attack, organisations should still follow the basic and core security principles of keeping systems patched with the latest software updates, running up to date anti-virus software, effective security awareness is in place, and ensure appropriate monitoring is in place to quickly detect any suspicious activity.”

RELATED Incoming! Swiss CERT warns ransomware fiends are targeting local SMEs