McAfee Labs report finds cyberattacks target healthcare and social media
Computer security software firm McAfee Labs has released the findings of its Threats Report 2017 examining the rise of script-based malware.
Recent high-profile cyberattacks, such as WannaCry and NotPetya, meant that the healthcare industry surpassed the public sector to report the greatest number of security incidents in 2017.
Both WannaCry and NotPetya lacked the capabilities necessary to extort victims' ransoms and unlock their systems, according to McAfee, but the aim may have been disruption rather than extortion.
"It has been claimed that the two high-profile attacks may not have been successful due to the amount of money made," said Chief Scientist for McAfee, Raj Samani.
"However, it is just as likely that the motivation for the attacks was disruption, in which both campaigns were incredibly effective.
"We now live in a world in which the motive behind ransomware goes beyond making money - welcome to the world of pseudo-ransomware.”
Healthcare accounted for 26% of security incidents in Q2 in 2017, with the health, public and education sectors making up more than 50% of worldwide incidents in 2016-17.
The most likely causes of breaches in the healthcare industry were accidental disclosures and human error, but attacks have been on the rise since 2016.
Vicent Weafer, Vice President for McAfee, commented: “Data breaches in healthcare highlight the value of sensitive personal information organisations in the sector possesses.”
“They also reinforce the need for stronger corporate policies that work to ensure the safe handling of that information.”
McAfee Labs counted that there were 311 disclosed security incidents in Q2, which is a 3% increase from Q1, whilst 78% of those incidents took place in the Americas.
Social media is also under threat – the Faceliker Trojan accounted for 8.9% of the quarter’s 52 million newly detected malware samples.
Faceliker works by infecting a user’s browser the hijacking their Facebook likes to promote content without the user’s knowledge.
This then can earn money for the malicious parties by “making unknown apps or news articles appear more popular, accepted and legitimate,” says Weafer.
“Unknown actors can covertly influence the way we perceive value and even truth. As long as there is profit in such methods, we should expect to see more schemes like this.”
Gartner: no threats to AWS, MS and Google cloud dominance
The report – Magic Quadrant for Cloud Infrastructure and Platform Services – says enterprises have “significantly accelerated” their use of cloud infrastructure and platform service (CIPS) as they seek scalability and agility during the Covid-19 pandemic.
Strong niche players
But while it recognises strong niche players and visionaries such as Alibaba Cloud, Oracle, Tencent Cloud and IBM in its magic quadrant, it finds little to threaten the dominance of AWS, Microsoft and Google in the lucrative cloud market.
Magic quadrant – AWS
The report cites clients complaining of heavy handed sales techniques from AWS, where customers are pressured to increase spend by 20 per cent in order to renew their contracts. Companies with “significant dependence” on the platform feel they have nowhere to turn, though the report also notes that “the pressure to increase spend is not AWS’s policy and will be eliminated if the customer escalates.”
It also cautions that customers of the market leader often find they need third-party help in order to overcome the “substantial technical skills” in order to navigate the complexity of the product portfolio, and says “AWS’s new services are often not ready for meaningful enterprise consumption” because the products are “matured in public.” Gartner also says companies are misled about the abilities of AWS’s products based on its leadership position in IaaS and dbPaaS, which does not necessarily translate across to other cloud strengths.
Magic quadrant – Google Cloud
Google Cloud, the report says, is making strong gains but struggles to maintain support post-sales, perhaps as a result of rapid internal growth. It also cautions that attractive discount incentives are bound to reverse later. Google Cloud operates at a substantial loss and is not the parent company’s main source of revenue. The report praises Google Cloud’s reputation as a strategic choice and its “impressive year-on-year improvements”.
Magic quadrant – Microsoft Azure
Microsoft Azure, the report says, has “the broadest sets of capabilities, covering a full range of enterprise IT needs from SaaS to PaaS and Iaas compared to any provider in this market.” It also has market trust built over decades. However Gartner cautions that Microsoft, while making concerted efforts to improve resiliency, has continued to “experience some outages, particularly in association with updates and maintenance events.” Further downsides included overcomplicated licensing and a sales strategy that prevented reps from “effectively deploying Azure to bring down a customer’s total Microsoft costs.”
Gartner: ‘remarkably similar’
The report concludes that: “On the surface, many of the providers in this magic quadrant appear alike. They all have, for example, virtual machines, managed container services and managed database PaaS offerings. The various pricing models are remarkably similar and often within comparable ranges, even when negotiated discounts are taken into account.
“What’s wholly different is below the surface – at the level of architecture, implementation and operations. The resiliency characteristics afforded to clients varies widely by provider. Major outages plagued several cloud providers in this Magic Quadrant over the past year. In some cases, providers offered few capabilities to work around provider-oriented failure using accepted, modern means such as availability zones.
“Strategic cloud provider selection necessitates that enterprises consider the failure scenarios by workload and architect to manage them. In some regions, with several providers in this Magic Quadrant, the challenge of working around provider-oriented failure is insurmountable.”