Symantec Says Malware Tops Ransomware As FI Threat

Symantec, a cybersecurity firm that specializes in research and cloud-based security, released new insights surrounding financial malware and ransomware in its latest Internet Security Threat Report (ISTR).

According to the company, financial threats, with more than 1.2 million detections per year, are up to 2.5 times more widespread, compared to ransomware. Attacks that use ransomware to infiltrate open networks, such as WannaCry, usually receive more attention from the media, compared to financial malware.

“Although the detection count for financial malware decreased in 2016 by 36 percent, this threat category is still very much active and relevant despite several takedown operations and arrests,” the report’s authors say.

The report also points out a shift in preferred targets by cybercriminal groups, from customers to financial institutions, including banks and trading platforms. Around 38 percent of financial threats picked by the business were related to large corporations. This shift suggests hackers are willing to risk more for larger payouts.

Hacking a large company requires more computing power, equipment and manpower, which comes with a hefty investment. Additionally, the report highlights that such attacks take longer to plan and execute.

Out of all the countries in the world battling cybercrime, Japan is the most infected with financial malware. Last year, the country made up 37 percent of detections – an increase from 34 percent in 2015.

The U.S. only accounted for 6 percent of financial malware detections in 2016.

“Mobile threats on Android are mainly focusing on form overlay attacks or fake online banking apps. We have seen more than 170 mobile apps targeted by mobile malware. Mobile threats are still relevant as many financial institutions have deployed two-factor authentication through mobile phone applications,” Symantec said.

To prevent getting hacked, researchers recommend keeping security software updated, using strong passwords and avoiding Microsoft Office documents from unknown sources that require receivers to activate macros.