WannaCry Helps Push Cyber-Crime Attacks to New Heights in 2Q17

ABSTRACT:  The second quarter of 2017 was the most active 90-day period ever for cyber-crime attacks, according to a new report from security technology firm ThreatMetrix. The Q2 2017 ThreatMetrix Cybercrime Report was compiled using data on actual attacks that occurred from April to June 2017, as detected by the ThreatMetrix Digital Identity Network, which analyzes approximately 2 billion transactions per month. In the second quarter of 2017, ThreatMetrix detected 144 million attacks, nearly doubling the attack volume detected in the second quarter of 2016. Of note, ThreatMetrix saw a large spike in attack volume following the WannaCry ransomware attack in mid-May as attackers aimed to take advantage of consumers. In this slide show, eWEEK takes a look at some of the highlights of the latest ThreatMetrix Cybercrime Report.

The second quarter of 2017 was the most active ever for ThreatMetrix, with 144 million attacks detected and stopped.

Looking at the daily attack rates for the second quarter, ThreatMetrix recorded a large spike in mid-May just after the WannaCry ransomware incident, as attackers aimed to take advantage of the situation.

Attackers are increasingly using stolen identities to create new accounts that are then used for fraudulent transactions. According to ThreatMetrix, 10.5 percent of new account applications are now fraudulent.

The attack vectors used for fraud vary somewhat by geography. In North America and Europe, the top attack vector is device spoofing, while in Asia identity spoofing tops the list.

As users increasingly use mobile devices for all forms of transactions, the volume of mobile fraud is growing. ThreatMetrix reported that account creation and payments transactions are particularly vulnerable on mobile devices.

Device spoofing was the top attack vector in the second quarter, according to ThreatMetrix. With a device spoofing attack, a hacker changes browser and other device settings to change a device’s identity.

When looking at the source of attacks, ThreatMetrix found that attacks from hackers in the United States largely target victims in the United States.