Crypto-miners are dominating the threat landscape, taking up the top four most pervasive malware types, and impacting 37% of organisations around the world.
This is one of the findings of Check Point's 2019 Security Report, which highlights the main tactics cyber criminals use to attack businesses of all types around the globe.
The report aims to give cyber security professionals and C-level executives the information they need to protect their organisations from today's threats.
Africa was no different to its global counterparts, with crypto-miners also dominating the continent's malware landscape last year. Organisations in three of the key counties in Africa were highly impacted by the crypto-miner, Coinhive, including 41% in SA, 70% in Kenya and 69% in Nigeria.
The report also revealed that in spite of a drop in the value of all crypto-currencies, 20% of companies continue to be hit by crypto-mining attacks weekly. "Crypto-miners have also highly evolved recently to exploit high-profile vulnerabilities, and evade sandboxes and security products in order to expand their infection rates."
Moving target
The report highlighted that mobiles are still a compelling target for attackers, with one-third of organisations around the world being struck by mobile malware. Android remains the attackers' operating system of choice, with the leading three malware types targeting this platform.
"Last year also saw several cases where mobile malware was pre-installed on devices, and apps available from app stores that were actually malware in disguise," the company adds.
The scourge of multi-purpose botnets also featured, launching a range of attacks. "Bots were the third most common malware type, with 18% of organisations hit by bots which are used to launch DDoS [distributed denial-of-service] attacks and spread other malware."
Bot infections were instrumental in 49% of organisations that experienced a DDoS attack last year.
Peter Alexander, chief marketing officer of Check Point, says: "From the meteoric rise in crypto-mining to massive data breaches and DDoS attacks, there was no shortage of cyber-disruption caused to global organisations over the past year."
Threat actors are not short of attack vectors to choose from, or revenue streams to pursue, and if anything, they are getting stealthier and more cunning, he notes.
"These multi-vector, fast-moving, large-scale attacks are becoming more and more frequent, and organisations need to adopt a multi-layered cyber security strategy that prevents these attacks from taking hold of their networks and data."
On the plus side, ransomware attacks have dropped, with 2018 seeing ransomware usage fall dramatically, impacting 4% of organisations worldwide.