The healthcare sector and social media users are popular targets for cyber attackers, a report has revealed.
This is the first time in six quarters that the US public sector has not topped the list of sectors with the most security incidents.
While overall healthcare data breaches are most likely the result of accidental disclosures and human error, the report said cyber attacks on the sector continue to increase.
The trend began the first quarter of 2016 when numerous hospitals around the world were hit by ransomware attacks.
“Whether physical or digital, data breaches in healthcare highlight the value of the sensitive personal information organizations in the sector possess,” said Vincent Weafer, vice-president for McAfee Labs.
“They also reinforce the need for stronger corporate security policies that work to ensure the safe handling of that information.”
Also in the second quarter of 2017, the Faceliker Trojan helped drive the quarter’s 67% increase in new malware samples targeting social media sites.
The second quarter of 2017 saw Facebook emerge as a notable attack vector, the report said, with Faceliker accounting for as much as 8.9% of the quarter’s 52 million newly detected malware samples.
This Trojan infects any web browser used to visit malicious or compromised websites, and then hijacks users’ Facebook “likes” and promotes the content without users’ knowledge or permission.
At scale, hijacking “likes” can make money for those operating Faceliker because the hijacked clicks can make a news article, video, website or ad appear more popular or trusted than it really is.
“Faceliker leverages and manipulates the social media and app-based communications we increasingly use today,” said Weafer.
“By making apps or news articles appear more popular, accepted and legitimate among friends, unknown actors can covertly influence the way we perceive value and even truth. As long as there is profit in such efforts, we should expect to see more such schemes in the future.”
Rise of fake news
Research has shown that around 50% of the US public regard Facebook as their main source of news, according to Jessica Barker, co-founder and socio-technical lead at cyber security consultancy RedactedFirm.
The research suggests that news on Facebook unconsciously influences the way those who consume it feel and how they see the world, she told a recent security roundtable in London.
Barker predicts that while we have seen fake news targeted mainly at politics, in coming years there will be an increasing incidence of fake news targeting corporations and key individuals.
“We really need to focus on how we can build critical thought and encourage people who create and consume news to check and verify stories,” she said.
Notable worldwide threats
Other notable cyber threat trends detailed in the McAfee report include a 3% increase in the number of publicly disclosed security incidents in the second quarter compared with the previous quarter; the fact that the majority (78%) of all publicly disclosed security incidents in the second quarter took place in the Americas; and that the health, public, and education sectors comprised more than 50% of total incidents in 2016-2017 worldwide.
However, unlike the Americas, the report said the public sector led in reported second quarter incidents in the Asia-Pacific region, followed by financial services and technology. In Europe, public sector also led the sectors substantially in the second quarter, followed by entertainment, health, finance and technology.
Account hijacking led disclosed attack vectors, followed by distributed denial of service (DDoS) attacks, leaks, targeted attacks, malware and SQL injections.
There was a 67% increase in new malware samples in the second quarter to 52 million. This increase, the report said, is in part due to a significant increase in malware installers and the Faceliker Trojan. The total number of malware samples grew 23% in the past year to almost 723 million samples.
New ransomware samples again increased sharply (54%) in the second quarter, while the number of total ransomware samples grew 47% in the past year to 10.7 million samples.
Total mobile malware grew 61% in the past year to 18.4 million samples. Global infections of mobile devices rose by 8% in the second quarter, with Asia again leading the regions with 18%.
With the decline of adware, Mac OS malware has returned to historical levels, growing by only 27,000 in the second quarter. This is still small compared with Windows threats, as the total number of Mac OS malware samples increased by just 4% in the second quarter.
New macro malware rose by 35% in the second quarter, and 91,000 new samples raised the total overall sample count to 1.1 million.
The botnet Gamut again claims the top rank in volume during the second quarter, continuing its trend of spamming job-related junk and fake pharmaceuticals. The Necurs botnet was the most disruptive, pushing multiple pump-and-dump stock scams during the quarter.