Security firm traces ransomware origins, targets

In a Global Threat Intelligence Report released on Thursday, NTT Security, a division of NTT Group, analyses threat trends between October 2015 and last September based on logs, events, attacks, incidents and vulnerabilities. 
It also examines the latest ransomware, phishing and DDoS attack trends and summarises their impact on global organisations.
With phishing now widely used to distribute ransomware – the malware that’s holds data or devices hostage – the report reveals that 77 per cent of all detected ransomware was seen mainly in four sectors. Business and professional services were the targets of 28 per cent of attacks, government 19 per cent and health care and retail 15 per cent each.
“While technical attacks on the newest vulnerabilities tend to dominate the media, many attacks rely on less technical means,” NTT said. 
Its report indicates that phishing attacks were responsible for nearly three-quarters of all malware delivered, with government and business/professional services the industry sectors most likely to be hit. 
NTT found that the US was the source of 41 per cent of phishing attacks, Netherlands 38 per cent and France 5 per cent.
The report also reveals that just 25 passwords accounted for nearly 33 phishing of all authentication attempts against NTT Security “honeypots” last year. More than 76 phishing of log-on attempts included a password known to be implemented in the Mirai botnet that’s comprised of Internet-of-Things devices. Mirai was used to conduct what were at the time the largest ever distributed-denial-of-service (DDoS) attacks.
DDoS attacks represented less than 6 per cent of attacks globally, but accounted for over 16 per cent of all attacks originating from Asia and 23 per cent of all attacks from Australia.
Finance was the most commonly attacked industry globally, subject to 14 per cent of all attacks. Finance was the only sector to appear in the top three across all of the geographic regions analysed, while manufacturing appeared in the top three in five of the six regions. Finance, government and manufacturing were the top three most commonly attacked industry sectors.
“This is the most comprehensive report of its kind, based on analysis of trillions of security logs over the past year,” NTT vice president Steven Bullitt said. 
“We identified more than six billion attempted attacks over the 12-month period – that’s around 16 million attacks a day – and monitored threat actors using nearly every type of attack. 
“We assisted organisations with data breach investigations, collected and analysed global threat intelligence, and performed our own security research,” he said. “The lessons learned from all these efforts are directly reflected in the recommendations throughout this report.”