With those realities in mind, Webroot recently released its 2018 Webroot Threat Report. It presents analysis, findings, and insights from the Webroot Threat Research team on the state of cyber threats. The company claims that the report analyzed more than 27 billion URLs, 600 million domains, 4.3 billion IP addresses, 62 million mobile apps, 15 billion file behavior records, and 52 million connected servers.

The report definitely shows that attackers are learning just as quickly as security professionals, and are finding new ways to breach networks. Some of the most common attacks were analyzed in the report, including polymorphic attacks, cryptojacking, ransomware, and phishing.

Polymorphic attacks

As security programs and professionals continue to learn how to find and detect malware, attackers are finding new ways to hide it. Polymorphic attacks can be especially difficult to combat because the signatures that can be used to identify it are constantly updating and changing. According to the report, more than 94% of all malicious executables are polymorphic. Supporting this claim is the fact that in 2017, 93% of the malware encountered was seen on only one machine, meaning the signature changed enough from machine to machine that each variant was only able to be detected once.

The report claims that upgrading all business devices to Windows 10, which offers greater security than previous versions, is a great way to combat the spread of polymorphic attacks.  According to the report, combined with advanced endpoint protection that uses behavioral analysis and machine learning, adopting Windows
10 can greatly reduce enterprises’ vulnerability to cyberattacks.

Cyrptojacking

As a relatively new threat on the scene, crytpojacking is quickly becoming a very serious threat. Based on early reports, this threat is becoming quite popular because it is highly profitable and easy to implement. Instead of hijacking someone’s files in exchange for money, like ransomware attacks, the attacker simply utilizes the victims CPU power to mine crytpocurrency. Since this form of attack is mostly invisible to the end user, the system could be compromised for quite some time before it is found.

Ransomware

Although ransomware has been around for a while, it is still an extremely popular form of attack. Just last year we witnessed the most widespread ransomware attacks to date. WannaCry and NotPetya were both extremely destructive and together they were able to infect more than 200,000 machines in more than 100 countries, all within just 24 hours.

Phishing

One of the most successful phishing attacks occurred during 2017. The email that claimed to be a Google Doc from a trusted contact claimed a lot of victims. The main reason it was so successful was that it was highly targeted, and used social engineering to convince the user the email was from a legitimate source. The report from Webroot also found that almost 25% of phishing sites used IP masking, which makes it more difficult to discern the actual IP address of the domain. Another common tactic is to use benign domain names and replace a single web page with phishing content. When inserted as a disconnected, isolated page (i.e. no pages on the site point to the phishing page, nor does the phishing page point to any other pages on the site), it is nearly impossible for crawlers to detect the phishing threat.

There are several more insights into the latest threats and how to combat them within the report. You can view the reportfrom Webroot on their website. However, they recommend, not only making sure operating systems are completely up to date, but organizations should also be using automated, real-time decisionmaking based on continuously-updated threat intelligence, contextual analysis and advanced endpoint and network protection. When coupled with strong user security training, any organization can materially reduce its exposure to unacceptable risk, according to Webroot.

Once the application is launched it silently encrypts all the data and presents you with a Ransom Note demanding money typically in BitCoin.

If it's on Bitcoin they can use it to purchase anything online from gold bullion, to shares, to property even and it's virtually untraceable and you have to buy it with cash.

Many people have opted to pay rather than worry about trying to fix it as this is where you realise that your backups do not work.

The advice is to delete it unsure, contact the sender to verify but NEVER follow or click on the links.

Here’s how to protect your data;

Use an up-to-date antivirus with internet protection that helps you avoid fake emails and spam
Don’t open suspicious emails or attachments from unverified sources.  - Remember that banks, companies and agencies don’t ask for personal information via email
Back important files up, either online or on external drives (and disconnect them when not backing up)
Make sure your operating system is updated and patched