The Rise of Cyber-Crime as a Service
A steady growth of exploit kits is facilitating cyber-crime as a service, creating an environment where ransomware thrives and all organizations are at risk.
Q1 2016 saw a 35-fold increase in newly observed ransomware domains. This dramatic uptick helped propel the overall threat index.
The Infoblox DNS Threat Index hit an all-time high of 137 in Q1 2016, a 7% rise from 128 last quarter.
Exploit kits (toolkits for hire that make cyber-crime easier by automating the creation and delivery of malware) remain the biggest threat. They account for 50% of the index.
Exploit kit Angler continues to be the most popular for the seventh quarter in a row, although it dropped from 56% in Q4 2015 to 33% in Q1 2016.
RIG, an older exploit kit, surged to second place in Q4 2015 and held that spot in Q1 2016.
The Neutrino exploitation kit, which first emerged in 2013, was 3% in 2014 and 7% in 2015. Then authors added 10 new exploits for Adobe flash and Internet Explorer. Neutrino grew by 300% in Q1 2016.
Although the change in the index was influenced largely by exploit kit deployments, a 290% increase in malware also affected it.
The United States continues to be the top host for newly created or exploited malicious domains, with 41% of observations. But that’s a significant drop since Q4 2015’s 72%.
Five countries that barely registered as hosting infected systems in Q4 2015 now host 50% of them and account for half the remaining observations. These countries are: Portugal: 17%, Russian, Federation: 12%, Netherlands: 10%, United Kingdom: 8%, Iceland: 6%
A steady increase in the ransomware is expected throughout 2016. It will be hard to stem as criminals show a clear ability to shift infrastructure from country to country.