Home →Security →The Rise of Cyber-Crime as a Service

The Rise of Cyber-Crime as a Service

By Karen A. Frenkel | Posted 10-07-2016

1 of

The Rise of Cyber-Crime as a Service

A steady growth of exploit kits is facilitating cyber-crime as a service, creating an environment where ransomware thrives and all organizations are at risk.
Ransomware Domains Increase

Q1 2016 saw a 35-fold increase in newly observed ransomware domains. This dramatic uptick helped propel the overall threat index.
Threat Index Hits All-Time High

The Infoblox DNS Threat Index hit an all-time high of 137 in Q1 2016, a 7% rise from 128 last quarter.
Cybercrime as a-Service Is a Top Threat

Exploit kits (toolkits for hire that make cyber-crime easier by automating the creation and delivery of malware) remain the biggest threat. They account for 50% of the index.
Most-Used Exploit Kits

Exploit kit Angler continues to be the most popular for the seventh quarter in a row, although it dropped from 56% in Q4 2015 to 33% in Q1 2016.
RIG Revived

RIG, an older exploit kit, surged to second place in Q4 2015 and held that spot in Q1 2016.
Neutrino Returns

The Neutrino exploitation kit, which first emerged in 2013, was 3% in 2014 and 7% in 2015. Then authors added 10 new exploits for Adobe flash and Internet Explorer. Neutrino grew by 300% in Q1 2016.
Huge Malware Increase

Although the change in the index was influenced largely by exploit kit deployments, a 290% increase in malware also affected it.
U.S. Top Malicious Domain Host

The United States continues to be the top host for newly created or exploited malicious domains, with 41% of observations. But that's a significant drop since Q4 2015's 72%.
Malicious Infrastructure Shifts Location

Five countries that barely registered as hosting infected systems in Q4 2015 now host 50% of them and account for half the remaining observations. These countries are: Portugal: 17%, Russian, Federation: 12%, Netherlands: 10%, United Kingdom: 8%, Iceland: 6%
Steady Increase in Ransomware Is Expected

A steady increase in the ransomware is expected throughout 2016. It will be hard to stem as criminals show a clear ability to shift infrastructure from country to country.
- The Rise of Cyber-Crime as a Service
  
  View Slideshow »
View All Slideshows >

This year began with explosive growth in ransomware domains, according to a DNS threat index, driving an all-time high in new malicious domains. The threat index, which measures the creation of malicious DNSs including malware, exploit kits, phishing and other threats, was created by Infoblox, the network control solutions provider. "There has been a seismic shift in the ransomware threat, expanding from a few actors pulling off limited, smaller-dollar heists targeting consumers to industrial-scale, big-money attacks on all sizes and manner of organizations, including major enterprises," said Rod Rasmussen, vice president of cyber-security at Infoblox. "The threat index shows cyber-criminals rushing to take advantage of this opportunity." The Infoblox DNS Threat Index tracks the malicious DNS infrastructure through the registration of new domains and hijacked, previously legitimate domains or hosts. Its baseline is 100, the average for new DNS-based threat infrastructure during the eight quarters of 2013 and 2014. Here are highlights from the Q1 2016 Infoblox DNS Threat Index Report and some cyber-security basics.

Karen A. Frenkel writes about technology and innovation and lives in New York City.