Falling returns from cyber attacks are forcing criminals to use unconventional methods

For the first time since 2013, ransomware incidents fell by 20 per cent last year, found Symantec

FILE PHOTO: A projection of cyber code on a hooded man is pictured in this illustration picture taken on May 13,  2017. REUTERS/Kacper Pempel/Illustration/File Photo
Powered by automated translation

Falling returns from cyber attacks are forcing criminals to use unconventional methods to extort money as internet users become more savvy and incidents of crimes decline, a report found.

Primarily due to increased awareness, for the first time since 2013, ransomware incidents fell by 20 per cent last year, said American software company Symantec. Ransomware is a software breach that threatens to publish the victim's data or permanently block access for them unless a ransom is paid.

More than 4,800 websites are compromised globally each month with a type of hacking called formjacking – in which a malicious code is added to websites to steal bank card details of shoppers – according to Symantec.

“Globally, one in 344 formjacking attacks were blocked in the UAE, representing a serious threat for both local businesses and consumers,” said Gordon Love, vice president of Europe, Middle East and Africa emerging region at Symantec.

Consumers have no way of knowing if an online retailer they are visiting has a website that is breached without using a comprehensive security solution, leaving valuable personal and financial information vulnerable, he added.

Only 10 credit cards stolen from each of the 4,800 compromised websites every month could yield up to $2.2 million (Dh8.08m) each, according to Symantec’s report. Attackers are increasingly focusing on Internet of Things as an entry point to technical systems, the report added.

“With an increasing trend towards the convergence of IT and industrial IoT, the next cyber battlefield is operational technology [use of computers to modify the physical state of a system],” said Mr Love.

“A growing number of groups have displayed interest in compromising operational systems and industrial control systems to potentially prepare for cyber warfare.”

The report also revealed, email malware attacks in the UAE have increased year-on-year, double the global average.

In 2018, one in 183 emails in the country had included a malicious attachment or link, whereas the global average was one in 412 emails during the same time period.

The type of cyber attacks also depend on the size of a company.

Companies in the UAE with more than 2,500 employees were most likely to be targeted by malware – a software damaging computer networks. Whereas, medium-sized companies with 500 to 1,000 employees, were likely to be most attacked by spam emails – unsolicited messages sent in bulk.