Home endpoints twice as likely to be infected as businesses
Despite the fact that in recent months we've seen cybercriminals focusing their efforts on businesses, 68 percent of infections are seen on consumer endpoints, compared to 32 percent on business endpoints.
This is one of the findings of the latest Webroot Threat Report, which also shows that legitimate websites are frequently compromised to host malicious content, with 40 percent of malicious URLs hosted on good domains.
Phishing attacks have increased 36 percent, with the number of phishing sites growing 220 percent over the course of 2018. Phishing sites now often use SSL certificates and HTTPS to trick internet users into believing they are secure, legitimate pages. 77 percent of phishing attacks impersonated financial institutions, and were much more likely to use HTTPS (80 percent) than for other targets.
The study does show that security awareness training pays off, however. Webroot has found that organizations that combine phishing simulation campaigns with regular training saw a 70 percent drop in phishing link click-through.
Although malware can hide almost anywhere, Webroot found several common locations, including %appdata% (29.4 percent), %temp% (24.5 percent), and %cache% (17.5 percent), among others. These are prime locations for hiding malware because these paths are in every user directory with full user permissions to install there. These folders also are hidden by default on Windows Vista and above.
The report also shows you're safer using Windows 10 with devices that use the latest OS at least twice as secure as those running Windows 7. Webroot has charted a relatively steady decline in malware on Windows 10 machines for both consumer and business users.
Among other trends are that cryptojacking began to rise again towards the end of the year with attacks doubling between September and December. Ransomware is in overall decline though it is becoming more targeted towards businesses. Many ransomware attacks in 2018 used the Remote Desktop Protocol (RDP) as an attack vector, leveraging tools such as Shodan to scan for systems with inadequate RDP settings.
"We wax poetic about innovation in the cybersecurity field, but you only have to take one look at the stats in this year's report to know that the true innovators are the cybercriminals," says Hal Lonas, CTO of Webroot. "They continue to find new ways to combine attack methods or compromise new and existing vectors for maximum results. My call to businesses today is to be aware, assess your risk, create a layered approach that protects multiple threat vectors and, above all, train your users to be an asset -- not a weak link -- in your cybersecurity program."
You can read the full report on the Webroot site.