Criminals now focus on low-profile cyber attacks – Trend Micro Report
Crypto-jacking attempts are making the biggest impact so far this year.
Trend Micro recorded a 96 percent
increase in cryptocurrency mining detections in 1H 2018 compared to all
of 2017 and a 956 percent increase in detections versus 1H 2017.
This indicates cybercriminals are
shifting away from the quick payout of ransomware in favor of the
slower, behind-the-scenes approach of stealing computing power to mine
digital currency.
“The recent change in the threat
landscape mirrors what we’ve seen for years – cybercriminals will
constantly shift their tools, tactics and procedures (TTPs) to improve
their infection rates,” said Jon Clay, director of global threat
communications for Trend Micro.
“Standard spray and pray ransomware
attacks and data breaches had become the norm, so attackers changed
their tactics to be more covert, using entry vectors not previously seen
or used extensively. This means once again, business leaders must
evaluate their defenses to ensure sufficient protection is in place to
stop the latest and most pressing threats.”
Another shift in the first half of the year is toward unusual malware types, such as fileless, macro and small file malware.
Trend Micro recorded a 250 percent
increase in detections of one particular small file malware, TinyPOS,
compared to 2H 2017, which may be due to the increased ability of these
malware types to circumvent defenses that employ only one type of
security protection.
Additionally, the Trend Micro Zero Day Initiative (ZDI) published more than 600 advisories in the first six months of 2018.
Based on this increase in advisories,
the ZDI is able to predict what types of vulnerabilities will likely be
used next in real-world attacks.
Among the advisories this year, the
ZDI purchased and disclosed twice as many SCADA vulnerabilities compared
to the same time last year.
IT security managers running these
environments must stay alert to this growing threat, especially as
actors begin to perform destructive attacks rather than mere
reconnaissance and testing.
Faced with rapidly evolving threats,
organizations need to consolidate using a vendor that can provide
complete, multi-layered protection against both commodity malware and
emerging threats.
Trend Micro’s leading threat
intelligence collected over 30 years of business allows comprehensive
protection, blocking more than 20 billion threats so far this year and
counting.
For a complete look at the Midyear Security Roundup 2018, please visit: https://www.trendmicro.com/vinfo/us/security/research-and-analysis/threat-reports/roundup/unseen-threats-imminent-losses
No comments