Hacking democracy efforts continue with upticks in malware deployments

Comodo Cybersecurity released its Global Threat Report 2018 Q3, offering insights from Comodo Threat Research Lab experts into key cyberthreat trends and the impact of malware on elections and other geopolitical events.

Hacking democracy and malware in conflict zones

The Comodo Q3 report also reveals disturbing upticks in malware deployment leading up to major national elections. Comodo Cybersecurity researchers document the impact of malware on elections in Russia, Turkey, Mali, Sierra Leone, Azerbaijan and Columbia.

The report also highlights the compelling correlations of malware detection leading up to and immediately following geopolitical crises – events in the Syria civil war, the ongoing machinations around the Iran nuclear weapons agreement, the Israel-Palestine conflict and the military operations of Saudi Arabia against Yemen.

“These correlations clearly stand out in the data, beyond the realm of coincidence,” said VP of Comodo Cybersecurity Threat Research Labs, Fatih Orhan. “It is inescapable that state actors today employ malware and other cyberthreats as both extensions of soft power and outright military weapons, as do their lesser-resourced adversaries in asymmetric response.”

Phishing highlights

Email phishing remains the most common method of attack. Highlights in the latest quarter include:

• Phishing represents one of every 100 emails received by enterprises
• The dubious distinction of the most frequently targeted brands by phishing in the quarter went to Microsoft (19%), PayPal (17%) and Google (9.7%)
• The US ranked No. 1 for both hosting of phishing sites (65%) and country of origin (36%)
• Phishing URLs are gaining in popularity, representing 40% of the total, although infected attachments remain the majority at 60%

Researchers cited one phishing email as representative of the uptick in quality, making it harder for users to identify the risk. An email purporting to be a survey regarding Microsoft Azure’s newsletter sported an authentic looking URL and logo, and did not have the telltale grammar or spelling errors that often give away phishing emails. Anyone clicking on the “Take the survey” button was sent to a malware-laden webpage to covertly infect them.