2015 saw more cyberattacks against corporates than those targeting consumers. Hackers used various tools against businesses including exploitation of software programs, and malware signed with a fraudulent digital signature to keep malicious files hidden.
According to data produced by research firm Kaspersky Lab, cryptolocker attacks, which encrypt files on an affected system and demand ransom for recovering the data, doubled in 2015. Kaspersky said more than 50,000 corporate systems were affected by such attacks. The ransom money received from the companies could be larger than that from individuals.
Security experts found that about 58% of corporate PCs were affected at least once by malware infection, whereas one in three business PCs were exposed at least once to internet-based attack. The attacks on office applications were three times more than consumer attacks.
Yury Namestnikov, senior security researcher at Global Research and Analysis Team, Kaspersky Lab, said: "Organisations that have fallen victim to a cryptolocker can find themselves faced with a ransom demand to stop a DDoS-attack, decrypt files, or maintain the confidentiality of any stolen information. Because the evidence shows that cybercriminals don't always honour the agreement once the ransom has been paid - as happened in the case of the DDoS-attacks on Proton-mail, many of those affected should call in law enforcement and computer security experts."
Apart from the cyberattacks, corporate PCs also face local threats, accounting for 41% of attacks, such as from infected USB sticks. There has also been a notable increase — up to 7% from 2014 — in exploits targeting the Android platform. These attacks take a significant amount of time, as the attackers collect information about companies' employees.
The primary target of cybercriminals and advanced persistent threats (APT) is financial services organisations such as banks, investment funds, stock and currency exchanges and those handling cryptocurrencies.
There is also a growing diversification in attacks. For instance, the Chinese APT, Winnti APT, switched their targets from computer games companies to those in pharmaceuticals and telecommunications.
"The future cyber-landscape for business includes a new attack vector: infrastructure, because almost all of an organization's valuable data is stored on servers in data centres. We also expect tougher safety standards from regulators, which could lead to more cybercriminals being arrested in 2016," added Yury Namestnikov.