Published October 21, 2019

Targets and Trends to Watch in Europe

To stay safe, today’s businesses must understand the types of cyberattacks they may encounter and how to implement strong cybersecurity practices. Do hackers play by the same rules across the globe? Shifting attack strategies and innovations in attack infrastructure keep security professionals like you and me employed. Read on to find out what’s keeping us up at night in Europe. The results from our Cisco Umbrella global network may surprise you.

Trojans, botnets and ransomware, oh my!

These threats increased tremendously in Europe over the first half of 2019, making organizations of all sizes vulnerable to attacks. What’s perhaps the most interesting is the resurgence of ransomware. Our customers see more ransomware traffic than any other geographic region. The top threats facing Europe reported drastic increases during the first half of 2019:

Threats on the rise:

Malware 6x
Cryptomining 6x
Trojans 5.4x
Botnets 6.3x
Ransomware 4.1x increase
Phishing 5.9x

Attack of the Trojans – the malicious dark horse of the Financial Services industry

Financial Services attract 50% of all malicious enterprise traffic, easily making it the most vulnerable industry to cybersecurity attacks. Anyone else find this surprising? Globally, this sector is viewed as more mature than others when it comes to planning and preparing for cybersecurity incidents. How did it become the biggest target in EMEA? The answer has to be that the attackers are simply following the money! These attacks often use an unpatched vulnerability or misconfigured system in hopes of accessing larger organisations with high volumes of sensitive data. The financial services sector in EMEA experienced a sizeable increase in Trojan attacks since January, with a 4.1x increase.

Emotet hit Europe hard

Emotet, originally a banking trojan, has morphed over the years, and remains one of the most widely distributed and actively developed malware families in the game today. Its notoriety is not stopping attackers from using it to make more money. If it worked once… it’s going to work again. And organizations in Europe are seeing how much havoc Emotet can cause in their region. From January 2019 to June 2019, the use of Emotet increased by 198%. It has been more recently used with some larger-scale targeted ransomware infections, targeting financial services. But the financial sector is not the only industry being hit.

Manufacturing crippled by malicious cryptomining

According the Cisco Umbrella Global Network, the manufacturing industry accounts for 15% of all malicious traffic. This industry, along with energy/utilities, has been hit the hardest by malicious cryptomining. Cryptomining, the browser or software-based threat enables bad actors to hijack system resources to generate cryptocurrencies, is quite popular in EMEA. From January 2019 to June 2019, cryptomining traffic increased 6x. It’s an easy way for bad actors to generate cash while remaining anonymous. We believe these industries remain targets because they are less likely to patch and update their software – making them more susceptible to software exploits.

Local municipalities not immune to any malware

Local governments and municipalities get no reprieve from hackers – they seem to grapple with more threat traffic and more diversity of attacks than any other sector. Compared to other industries, they account for almost 12% of all malicious traffic. From botnets to ransomware, dropper files to exploit kits, it seems that hackers are targeting this sector because they believe variety is the spice that keeps security professionals jumping.

Reduce malware with Cisco Umbrella

As cloud use increases, organizations need a way to handle the corresponding growth in the number of threats, incidents, and breaches. Leveraging threat intelligence from Cisco Talos, one of the largest commercial threat intelligence teams in the world with more than 300 researchers, Umbrella uncovers and blocks a broad spectrum of malicious domains, IPs, URLs, and files that are being used in attacks. We also feed huge volumes of global internet activity into a combination of statistical and machine learning models to identify new attacks being staged on the internet.

Umbrella resolves more than 180 billion DNS requests daily, far more than any other security vendor. These insights gives our researchers a unique view of the internet to better identify trends and threats more quickly.

So what are you waiting for?

Take a few minutes to see what your existing security stack may be missing. With a free 14-day trial of Cisco Umbrella, you’ve got nothing to lose.

Start a free trial now!

Learn more about Cisco Umbrella:

Website | Twitter | LinkedIn | Facebook

This article was originally posted here: https://umbrella.cisco.com/blog/2019/10/15/targets-and-trends-to-watch-in-europe/

Cisco

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
PHPSESSID	session	This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gat_gtag_UA_64440810_2	1 minute	This cookie is set by Google and is used to distinguish users.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.

Cookies