The Rise of Cyber-Crime as a Service
-
The Rise of Cyber-Crime as a Service
A steady growth of exploit kits is facilitating cyber-crime as a service, creating an environment where ransomware thrives and all organizations are at risk. -
Ransomware Domains Increase
Q1 2016 saw a 35-fold increase in newly observed ransomware domains. This dramatic uptick helped propel the overall threat index. -
Threat Index Hits All-Time High
The Infoblox DNS Threat Index hit an all-time high of 137 in Q1 2016, a 7% rise from 128 last quarter. -
Cybercrime as a-Service Is a Top Threat
Exploit kits (toolkits for hire that make cyber-crime easier by automating the creation and delivery of malware) remain the biggest threat. They account for 50% of the index. -
Most-Used Exploit Kits
Exploit kit Angler continues to be the most popular for the seventh quarter in a row, although it dropped from 56% in Q4 2015 to 33% in Q1 2016. -
RIG Revived
RIG, an older exploit kit, surged to second place in Q4 2015 and held that spot in Q1 2016. -
Neutrino Returns
The Neutrino exploitation kit, which first emerged in 2013, was 3% in 2014 and 7% in 2015. Then authors added 10 new exploits for Adobe flash and Internet Explorer. Neutrino grew by 300% in Q1 2016. -
Huge Malware Increase
Although the change in the index was influenced largely by exploit kit deployments, a 290% increase in malware also affected it. -
U.S. Top Malicious Domain Host
The United States continues to be the top host for newly created or exploited malicious domains, with 41% of observations. But that's a significant drop since Q4 2015's 72%. -
Malicious Infrastructure Shifts Location
Five countries that barely registered as hosting infected systems in Q4 2015 now host 50% of them and account for half the remaining observations. These countries are: Portugal: 17%, Russian, Federation: 12%, Netherlands: 10%, United Kingdom: 8%, Iceland: 6% -
Steady Increase in Ransomware Is Expected
A steady increase in the ransomware is expected throughout 2016. It will be hard to stem as criminals show a clear ability to shift infrastructure from country to country.
This year began with explosive growth in ransomware domains, according to a DNS threat index, driving an all-time high in new malicious domains. The threat index, which measures the creation of malicious DNSs including malware, exploit kits, phishing and other threats, was created by Infoblox, the network control solutions provider. "There has been a seismic shift in the ransomware threat, expanding from a few actors pulling off limited, smaller-dollar heists targeting consumers to industrial-scale, big-money attacks on all sizes and manner of organizations, including major enterprises," said Rod Rasmussen, vice president of cyber-security at Infoblox. "The threat index shows cyber-criminals rushing to take advantage of this opportunity." The Infoblox DNS Threat Index tracks the malicious DNS infrastructure through the registration of new domains and hijacked, previously legitimate domains or hosts. Its baseline is 100, the average for new DNS-based threat infrastructure during the eight quarters of 2013 and 2014. Here are highlights from the Q1 2016 Infoblox DNS Threat Index Report and some cyber-security basics.