Tag Archive for: spike

Akamai Reports Massive Spike in Malicious Domain Activity


Akamai reported today it identified nearly 79 million malicious domains in the first half of 2022, which collectively represent a little more than 20% of all the newly observed domains (NODs) accessed via its content delivery network (CDN) and other services the company provides.

That roughly equates to 13 million malicious domains per month, the report noted. Akamai researchers also noted that two weeks before Russia’s invasion of Ukraine, a spike in activity led to the identification of nearly 40,000 malicious NODs per day before reaching a peak of more than 250,000 unique malicious .ru domain names per day created in the second half of March.

Gregorio Ferreira, a data scientist for Akamai, said it’s difficult to assess just how many malicious domains there are in the world but it’s apparent the web is increasingly being overwhelmed. On a typical day, Akamai researchers observed approximately 12 million new NODs, of which slightly more than two million successfully resolved a DNS query.

Instances of Akamai CacheServe currently process more than 80 million DNS queries per second, or approximately seven trillion requests per day, from all over the world. Malicious actors often register thousands of domain names in bulk because if one or more of their domains are flagged and blocked, they can simply switch to one of the other domains they own. Most of those domain names are created programmatically using a domain generation algorithm (DGA). Many names in the NOD dataset look like names you’d never type into a browser window. Digits, for example, are often inserted into domain names to reduce the odds that an automatically generated domain has already been registered.

It’s not clear how all these malicious NODs will be operationalized, but it’s apparent that the scale at which malicious domains are created is part of a larger, unprecedented cyberwarfare strategy. While the number of malicious NODs being created is going to be a major concern for governments around the world, it’s usually businesses that wind up suffering the most collateral damage. The days when organizations could rely solely on a firewall and endpoint protection software to protect themselves from…


India sees 70% spike in ransomware attacks on critical infrastructure


Cyber-attacks on critical infrastructure by nation-state bad actors have increased significantly and India observed a 70 per cent increase in ransomware activity in the fourth quarter (Q4) of 2021, a new report said on Wednesday.

According to the report by cybersecurity company Trellix, over half of adversarial advanced persistent threat actor activity originated from Russian- and Chinese-backed groups, and Russian-backed groups like APT29 have continued to greatly increase their activity in 2022.

Reports surfaced last week that Russian malware planted from a server in Nigeria was used for a cyber-attack on Oil India’s (OIL) system in Assam.

The state-owned company had suffered a major cyber-attack in its field headquarters in eastern Assam’s Duliajan, with the hacker demanding $75,00,000.

The report found a significant 73 per cent increase in cyber incidents targeting individuals and positioned people as the top attack sector in Q4 2021.

Individual consumers are the top target of cybercriminals, closely followed by the healthcare vertical.

Additionally, the transportation, shipping, manufacturing and information technology industries showed a sharp increase in threats.

“We are at a critical juncture in cybersecurity and observing increasingly hostile behaviour across an ever-expanding attack surface,” said Christiaan Beek, lead scientist and principal engineer, Trellix Threat Labs.

The fourth quarter signalled the shift out of a two-year pandemic which cybercriminals used for profit and “saw the Log4Shell vulnerability impact hundreds of millions of devices, only to continue cyber momentum in the new year where we’ve seen an escalation of international cyber activity,” he added.

Transportation and shipping were the target of 27 per cent of all advanced persistent threat (APT) detections, that is, detections of activity by adversarial and stealthy actors.

Healthcare was the second most targeted sector, bearing 12 per cent of total detections.

From Q3 to Q4 2021, threats to manufacturing increased 100 per cent, and threats to information technology increased 36 per cent, said the report.

APT29, believed to conduct operations for Russian…


Prince George’s Council Members Respond to Spike in Carjackings – NBC4 Washington


Carjackings have continued to spike in both D.C. and Prince George’s County, leading two county council members to call the crisis a state of emergency.

On April 11, a DoorDash driver was carjacked in District Heights, Maryland, on his first day on the job. Five days later, an Amazon Flex driver said she was in the Bellevue neighborhood in the District when two young people punched her and demanded her keys. And on Tuesday night, several people carjacked a person on H Street NE.

“This is really a carjacking state of emergency, this is not okay, this is not business as usual,” Mel Franklin, a Prince George’s County councilmember, said.

Franklin and fellow council member Deni Tavares say they’re worried about families who have to deal with carjacking crime.

“They’re just trying to live quiet lives and this is what they’re experiencing on a daily basis,” Tavares said.

In Prince George’s, 90 people were carjacked in 2019. That number nearly tripled to 269 in 2020 and spiked again last year to 381.

So far in 2022, if carjackings continue at the current pace, the figure will top last year’s number.

Over in D.C., there have been 161 carjackings so far in 2022, compared to 110 this time last year. That’s an increase of 46%.

“If people don’t feel safe, they will not live here. We have to restore a sense of safety and a sense of security,” Franklin said.

It’s why the council members are pushing for more investment in the community, such as the future Towne Square at Suitland Federal Center, which used to be an area with high crime.

“It’s this kind of investment that can make a supreme difference in reducing crime and helping uplift our communities,” Franklin said.


Kuwait sees large spike in malware attacks … up 64% – ARAB TIMES






Cyber threats against ICS systems most prominent

Emad Haffar, Head of Technical Experts — Kaspersky

At GITEX Technology Week 2021, which opened Sunday, October 17 at the World Trade Center in Dubai, Kaspersky research highlights that malware is widespread across the Middle East, accounting for 161 million attacks and growing by 17% compared with last year’s figure of 138 million. “Kuwait has seen a large spike in malware attacks increasing by 64%,” said Emad Haffar, Head of Technical Experts for the Middle East, Turkey and Africa at Kaspersky. Cyber threats against ICS systems stand out as the most prominent.

The UAE experienced a 4% increase in attacks against ICS computers during the first half of 2021 when compared to the same period last year. This stands higher than the global average, which only increased by 1.2% for the same period. Industrial control system (ICS) security oversees the safeguarding and protection of control systems used for monitoring industrial processes. Such systems are critical in keeping essential infrastructure functioning and they are increasingly under attack. The potential for critical system breakdown, production accidents, and even city-wide or national impact is increasing. In Kaspersky’s “Threat Landscape for Industrial Automation Systems Report”, spyware, which is mostly deployed to steal money and information, is up by 0.6 percentage points in the UAE. Simultaneously, malicious scripts grew by 2.7 percentage points. Threat actors use such scripts on various websites hosting pirated content to redirect users to sites that distribute spyware or malware designed to mine cryptocurrency without the user’s knowledge. “The global trajectory is to move to digital services across the board. This also includes Industrial Control systems which today are increasingly connected. For many, this has translated into increased convenience and efficiency, but it also exposes them to cyberattacks. A worst-case scenario can result in total disruption of industrial processes.

Depending on the criticality of an industrial object, the results can mean a loss of…
