Top 11 Most Common Malware Species Driving Cybercriminal Activities of 2021
In the ever-evolving landscape of cybersecurity, understanding the threats that loom large is essential for corporate stakeholders. The question on many minds is simple: Are we a target?
The year 2021 saw a host of malware strains wreaking havoc. The top 11 span malware types including viruses, worms, Trojans, ransomware, spyware, and rootkits, among others. The list includes familiar names: Agent Tesla, AZORult, FormBook, Ursnif, LokiBot, MOUSEISLAND, NanoCore, Qakbot, Remcos, TrickBot, and GootLoader.
One of the most noteworthy entries on this list is TrickBot, a malware strain that has been in operation for several years. Operated by a sophisticated group of malicious actors, TrickBot is described as a modular, adaptable platform used to initiate multi-stage attacks, including reconnaissance, credential theft, and the eventual deployment of ransomware.
TrickBot is particularly associated with the Conti ransomware group and related criminal affiliates. It is often used to deploy Conti ransomware, a strain that the FBI has identified as the costliest ever documented. CISA has also warned that Conti ransomware has evolved into a highly modular, multi-stage malware.
In response to these threats, CISA has advised critical infrastructure organizations to take several precautions. These include updating software, enforcing multifactor authentication, securing and monitoring Remote Desktop Protocol (RDP), maintaining offline data backups, and training employees to prepare for and mitigate these threats.
Developers of these top malware strains, including TrickBot, continue to support, improve, and distribute their malware over several years. Malware code bases are commonly reused and transformed into variant strains to add new capabilities and dodge threat hunters.
In a joint advisory, the Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) highlighted the risks posed by these malware strains. They emphasised the need for organisations to prioritise cybersecurity measures and stay vigilant in the face of these persistent threats.
In the end, understanding the risks and taking proactive measures is key to staying safe in the digital world. By staying informed and taking the necessary precautions, organisations can minimise their exposure to these malicious threats.