SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Cybersecurity
#
Malware
#
Ransomware
Australia primary target for cyber attacks
Tue, 12th Jul 2016
FYI, this story is more than a year old
Author image
By Shannon Williams, Journalist
Follow us

Australia has been a primary target for a major ransomware infection over the past two months, according to findings from Trend Micro.

According to the security specialists, the April-May period saw more than 224,000 ransomware attacks, of which a majority was the result of the Angler Exploit Kit.

The high volume of exploit kit ransomware attacks in Australia, second only to Japan in the same period, is due to a ransomware infection vector move toward URL and Exploit Kits, Trend Micro says.

Around the world, more than 66 million ransomware-related threats have been detected/blocked by Trend Micro from January to May of this year, with almost 700,000 of those in Australia and more than 19,000 in New Zealand.

“With the growing threat of ransomware attacks specifically aimed at Australian organisations, we recommend that enterprises and small businesses are more vigilant than ever,” says Indi Siriniwasa, enterprise sales and channel director for Trend Micro Australia and New Zealand.

“The new ransomware families have sophisticated delivery and evasion techniques such as self-destructing after they successfully complete their routine. The best way to defend against this sophistication is to use a multilayered security approach,” she says.

“Australia has really been targeted by cybercriminals with this Angler Exploit Kit and it is Australian consumers that will suffer,” adds Tim Falinski, consumer director, Trend Micro Australia and New Zealand.

“Consumers should make themselves aware of the threats and ensure all their devices – from smartphones to PCs to connected smart devices – are protected,” he says.

According to Trend Micro, 64% of ransomware threats were seen at the email layer. This is due to ransomware being largely distributed via spam, either as a macro or JavaScript attachment, or via a clickable link in the message body.

The report found 34% of ransomware-related threats are blocked in the URL layer. These URLs are usually compromised sites, malvertisements, or landing pages that host exploit kits leading to ransomware. A very small percentage (2%) of ransomware-related threats are ransomware detections blocked at the file layer.                   

From January to May 2016, Trend Micro has so far seen 50 new ransomware families. Of these, 19 ransomware families arrived via spam, while six of these new ransomware families arrived via exploit kits. All of these new families still encrypt files and drop ransom notes.

Related stories
Smarttech247 & SentinelOne launch AI-powered cybersecurity for SMEs
GitHub's 2FA initiative helps secure software supply chain
Jason Haddix joins Flare as Field Chief Information Security Officer
AI tools linked to data exposure in 1 in 5 UK organisations
Trend Micro introduces AI-driven cyber risk management features
Top stories
Australian businesses fast-track Microsoft cloud adoption amid cyber threats
Zscaler introduces enhanced ZDX service for improved IT operations
The importance of cybersecurity training for software developers
HID acknowledged as Leader in Gartner Magic Quadrant for Indoor Location Services
Exclusive: How Darktrace is tackling AI-driven cybersecurity