Fortinet, Intel Security, Palo Alto Networks and Symantec Corp, co-founders of the Cyber Threat Alliance (CTA), have announced publication of research examining the evolution and global impact of the aggressive CryptoWall ransomware.
Analysis of the CryptoWall Version 3 Threat is the first published report using combined threat research and intelligence from the founding and contributing members of the CTA.
This whitepaper provides organisations worldwide valuable insight into the attack lifecycle of this lucrative ransomware family, which is associated with over USD325 million in revenue for the malicious actors behind it, as well as recommendations for prevention and mitigation. The CTA further discovered 406,887 attempted CryptoWall infections, 4,046 malware samples, and 839 command and control URLs for servers used by cybercriminals to send commands and receive data.
The hundreds of millions in damages span hundreds of thousands of victims across the globe. North America was a particular target for most campaigns. All of the key findings and intelligence in the report are based on the collective visibility the members of the CTA have into the CryptoWall v3 threat.
Speaking about the initiative, Rick Howard, Chief Security Officer, Palo Alto Networks, said, “This type of collaborative research by security vendors reflects the power of effective threat information sharing and the positive effect it can have on helping maintain trust in our digital world. As a founding CTA member, we are committed to the idea that this new way of working together – of combining intelligence on a common adversary and sharing cyber threat information as a public good – is to the benefit of all organisations in the battle against cybercrime.”
Derek Manky, Global Security Strategist, Fortinet, said, “The explosion of connected devices and our reliance on digital platforms have created an environment that is both empowering and creating new ways for adversaries to penetrate networks. Managing this risk is a shared responsibility.
“We need to step forward, and not wait for the adversary to make the move first. This research demonstrates the power of the CTA partnership; when we grow our collective intelligence across all sectors, we can better combat advanced threats, deploy security controls to counteract the latest moves and deliver greater security for our customers and all organisations.”
Vice President of McAfee Labs, Intel Security, Vincent Weafer, said, “When we joined the Cyber Threat Alliance, we dedicated ourselves to working closely with our partners in industry and law enforcement to detect and disrupt cybercrime campaigns. This research demonstrates an ability to leverage our collective threat expertise and intelligence to provide enhanced protection for customers, and help us more effectively collaborate with law enforcement in order to disrupt criminal ecosystems and ultimately help bring more cyber criminals to justice.”