India is one of the leading countries when it comes to mobile malware, according to Symantec’s Internet Security Threat Report (ISTR) for 2018. The report also adds that cybercriminals are getting more tenacious on alternative methods like formjacking to make money as ransomware and cryptojacking are diminishing.
The cybersecurity firm analyzes data from its Global Intelligence Network to superintend this report.
Symantec notes that smartphones are one of the best spying devices because they integrate a camera, a microphone, and a tracker all in one device. The report says that attacks on smartphones have increased significantly and India is one of the top countries for mobile malware with 23.6 percent of global infections.
The report also adds that users have been made aware of consumer privacy because of the Cambridge Analytica data scandal and implementation of EU’s General Data Privacy Regulation.
According to Symantec research, over 45 percent of popular Android apps require permission to access users location, camera, email, while over 24 percent of popular iOS apps require such permissions. There are various tools to gather this data, which are currently on the rise, making it possible for miscreants to track people without their consent, says the report.
India has also registered its name in the top 4 spots globally and in the top 2 spots in the Asia Pacific and Japan region in terms of cryptomining activities. t has also been ranked second, both globally and in APJ in terms of ransomware activities.
Cryptomining is a term that refers to software programs and malware components that are developed to take over a computer’s resources and use them for cryptocurrency mining without a user’s explicit consent. Nevertheless, this method of cybercrime has seen a decline due to depleting cryptocurrency value and increasing adoption of cloud and mobile computing, rendering attacks less effective.
Ransomware attacks have been lowered to 20 percent for individual use, however, have jumped up by 12 percent for enterprise users.
The report also adds that cybercriminals are favoring formjacking as their new get rich quick scheme. These attacks are quite simple and easy to perform as miscreants have to just insert malicious code into a retailer’s website to steal its shoppers’ payment details. The research states that an average of 4800 websites are targeted through this attack every month. Many well-known websites like Ticketmaster and British Airways were reported to be compromised recently.
Symantec estimates that cybercriminals may have allocated tens of millions of data last year, stealing customer’s financial and personal information. The British Airways formjacking attack got the cybercriminals details of over 3,80,000 credit cards.
The report also adds that enterprises adopting cloud-based solutions are making the same mistakes that were made by initial enterprise PC adopters. According to the research, cloud services risk being exploited because of recently discovered chip vulnerabilities like Meltdown, Spectre and Foreshadow.
Attacks like supply chain and living off the land have increased by 78 percent in 2018 and are widely being adopted by cybercriminals and targeted attack groups. These attacks let cybercriminals maintain a lowkey profile and hide their activity in a mass of legitimate processes. According to the company, identifying and blocking these attacks require the use of advanced detection methods like analytics and machine learning.