Palo Alto Networks, a global cybersecurity player, on Wednesday released the 'Unit 42 Network Threat Trends Research Report Vol.2'. The report highlights the current trends in malware while providing a detailed analysis of the most common types of malware and their distribution methods.
The report presents a comprehensive analysis of global telemetry data collected from Palo Alto Networks Next-Generation Firewall (NGFW), Cortex Data Lake, Advanced URL Filtering, and Advanced WildFire.
“Threat actors are constantly evolving their techniques, employing evasion tools and camouflage methods to bypass detection. Organisations must guard against malware designed to exploit older vulnerabilities while proactively staying ahead of sophisticated new attacks,” says Anil Valluri, Regional Vice President, India & SAARC at Palo Alto Networks.
The report revealed that the exploitation of vulnerabilities by cyber criminals has increased by 55 per cent compared to 2021. Linux malware is also on the rise, targeting cloud workload devices; an estimated 90 per cent of public cloud instances run on Linux. The most common types of threats against Linux systems are botnets (47 per cent), coinminers (21 per cent), and backdoors (11 per cent).
The report pointed out that PDFs are the most popular file type for delivering malware as email attachments - 66.6 per cent of all attachments. Unit 42 saw a 910 per cent increase in monthly registrations for domains, both benign and malicious, related to ChatGPT.
With newly registered domains (NRDs), threat actors were found more likely to target people visiting adult websites (20.2 per cent) and financial services sites (13.9 per cent).
Unit 42 said that malware aimed at industries using operational technology (OT) is increasing: the average number of malware attacks experienced per organization in the manufacturing, utilities, and energy industry increased by 238 per cent (between 2021 and 2022).
"As millions of people use ChatGPT, it's unsurprising that we see ChatGPT-related scams, which have exploded over the past year, as cybercriminals take advantage of the hype around AI. But, the trusty email PDF is still the most common way cybercriminals deliver malware," says Sean Duca, VP and Regional Chief Security Officer at Palo Alto Networks. "Cybercriminals, no doubt, are looking at how they can leverage it for their nefarious activities, but for now, simple social engineering will do just fine at tricking potential victims. Organisations must therefore take a holistic view of their security environment to provide comprehensive oversight of their network and ensure security best practices are followed at every level of the organisation."