Ransomware doubles, Flash exploits soar - a busy 2015

It’s been a busy year for security firms everywhere – cyber-attacks, malware, ransomware and other malicious online behaviour reached new heights in 2015.

Those are the results of a report by Bromium, a company which deals in threat isolation in service of data breach prevention. Its report, entitled ‘Endpoint Exploitation Trends 2015’ analysed the security risks of popular websites and software.

Here’s what the report suggests: vulnerabilities and exploits, targeting popular software such as Firefox or Adobe Flash have spiked significantly – vulnerabilities jumped 60 per cent, and exploits jumped 40 per cent.

Unsurprisingly, Adobe Flash exploits increased 200 per cent.

Malvertising was also persistent – out of the top 1000 Alexa sites, 27 per cent had malicious advertising on them. To make things worse – 2015 has seen the return of Macro malware – malicious code pretending to be legitimate Microsoft Office documents. Angler Exploit Kit remained the most popular choice for attackers, and on top of it all – ransomware doubled.

Since 2013, a type of attack in which crooks are demanding ransom in order to either decrypt disks which were previously taken over, or in order to stop a DDoS attack, has become one of the most common attack trends. The number of ransomware families increased 600 per cent in the past two years.

“Attackers focus on high value targets with the path of least resistance, which means that attack vectors may shift as previously vulnerable software implements new security to mitigate attacks,” said Rahul Kashyap, EVP, Chief Security Architect. “We have seen Microsoft take great steps to improve the security of Internet Explorer and Windows, which has forced attackers to focus on Flash exploits, malvertising and macro malware delivered through phishing emails.”