Malware Spikes Tied to Geopolitical Events in 2017

Multiple major geopolitical events in 2017 corresponded with major malware spikes in enterprise security in 2017, according to the Comodo Threat Research Labs’ Global Malware Report 2017. From elections to North Korean nuclear threats and missile launches, it appears that cyber actors are using geopolitical events to achieve cyber activism and other goals.

The report found corresponding events and malware spikes in multiple cases, including:

U.S. Elections: “A massive spike in Kryptik trojans occurred on Oct. 24, 2017, with more than 94 percent of nearly 300,000 trojans focused on the state of Virginia, where a close and hard-fought gubernatorial election took place,” the report says.
East Asia: China experienced malware growth – a virus surge of nearly 20,000 – when China’s President Xi visited the U.S. in April 2017 and North Korea fired test missiles. Malware also spiked in china during the Silk Road Summit, after an earthquake and U.S.-China naval dispute in August, and after China joined the U.S. and Russia in condemning a North Korea nuclear test in September.
North Korea: Comodo reports a “startling trojan increase in the country on Sept. 19, 2017, corresponding with a speech at the United Nations where U.S. President Donald Trump threatened to destroy North Korea.”

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.