SiteLock’s latest annual research on trends reveals some interesting changes affecting businesses, as companies attempt to secure their data from attackers. The headline from the report is with a rising attack volume, which suggests cybercriminals are automating their attacks to expand their reach and frequency.
Another finding, however, is that the sample of infected websites remains steady at about 60,000 throughout the year, indicating that website security tools are likely becoming more successful at combating the increasing number of attacks. Moreover, there has been a change in the forms of attack, with the recent buzz phrase of ‘cryptojacking‘ being less of an issue.
Cryptojacking refers to the unauthorized use of a computer, tablet, mobile phone, or connected home device by cybercriminals to mine for cryptocurrency. The SiteLock data reveals that cryptojacking is no longer seen as a profitable method of attack. This is stated to be a consequence of the crash in the price of Bitcoin, the closing of cryptomining service Coinhive and reduction of value on other currencies, which means that bad actors are less motivated to leverage this strategy.
Given the less attractive status of cryptocurrency, SiteLock experts are predicting that the “old standards” of malware—backdoors, shells, and JavaScript files—will likely remain hackers’ most popular choices for hackers. With this spike in backdoor attacks, such as 2018’s Drupalgeddon, this indicates that cybercriminals are showing interest in reusing existing and efficient malware.
The report found that:
47 percent of infected sites had at least 1 filehacker,
50 percent of infected sites had at least 1 backdoor ,
18 percent of infected sites had at least 1 SEO spam file.
This was based on more than six million websites to determine the most prevalent cyberthreats facing businesses.