The number of attacks by cybercriminals against businesses doubled in 2015, research by Kaspersky Lab has revealed.
The research found that, in 2015, some 58% of corporate PCs were hit with at least one attempted malware infection, which represents an increase of three percentage points on 2014.
Some 29% of business computers were exposed at least once to an internet-based attack, while 41% faced local threats, such as infected USB sticks. Additionally, there was a 7% increase in the number of attacks targeting the Android platform.
Targeted company sectors
Cybercriminals and advanced persistent threats (APT) groups largely targeted financial services organisations in 2015, with their attention being focused on banks, investment funds, and both stock and currency exchanges, including those dealing with cryptocurrencies such as bitcoin.
Certain groups changed their focus in 2015, such as Winnti APT, which switched its targets from companies involved in computer games to those in pharmaceuticals and telecommunications.
Retailers have also been a target of cybercriminals this year, with Kaspersky Lab products blocking more than 11,500 attempts to hack into PoS devices.
The number of cryptolocker attacks has doubled this year, with Kaspersky Lab detecting cryptolockers on more than 50,000 corporate machines.
“Organisations that have fallen victim to a cryptolocker can find themselves faced with a ransom demand to stop a DDoS-attack, decrypt files, or maintain the confidentiality of any stolen information,” said Yury Namestnikov, senior security researcher in the Global Research and Analysis Team at Kaspersky Lab.
He went on to say that cybercriminals don’t always honour the agreement to unlock a victim’s encrypted information once the ransom has been paid, citing Proton-mail as an example. Namestnikov advised those targeted with ransomware to call in law enforcement and computer security experts, but he hopes regulators will soon take a harsher stance against such crime.
“We … expect tougher safety standards from regulators, which could lead to more cyber-criminals being arrested in 2016,” Namestnikov said.
In the meantime, the company recommends business owners increase their knowledge of the latest threats and implement the basic principles of security: train employees, establish robust security processes and make full use of new technologies and techniques.