Criminals increasingly drawn to low-profile attacks: Report

Trend Micro released its Midyear Security Roundup 2018, revealing that cybercriminals are moving away from attention-grabbing ransomware attacks to more covert methods intended to steal money and valuable computing resources.

Crypto-jacking attempts are making the biggest impact so far this year. Trend Micro recorded a 96 per cent increase in cryptocurrency mining detections in 1H 2018 compared to all of 2017, and a 956 per cent increase in detections versus 1H 2017. This indicates cybercriminals are shifting away from the quick payout of ransomware in favour of the slower, behind-the-scenes approach of stealing computing power to mine digital currency.

Nilesh Jain, Vice President – South East Asia and India, Trend Micro said, “In the wake of several breaches over the last few years, the country is reeling under the spate of attacks that have compromised databases belonging to banking institutions, government email servers, and Indian enterprises at large. We have also seen few public cloud providers getting compromised this year. Next year, the customers who don’t take adequate measures to their applications or data which are hosted in the public cloud might even get compromised.”

“A robust cybersecurity program is one of the most vital investments a company can make. Whatever the size or maturity level of a security infrastructure, there are some strategic steps that everyone can take to keep their data and organization safe. Even with the most unconventional gadgets, untutored staff can fall victim to some of the unpretentious and most common attacks. The best way to avoid this is to train your workforces on best security practices,” he further added.

“The recent change in the threat landscape mirrors what we’ve seen for years – cybercriminals will constantly shift their tools, tactics and procedures (TTPs) to improve their infection rates,” said Jon Clay, director of global threat communications for Trend Micro. “Standard spray and pray ransomware attacks and data breaches had become the norm, so attackers changed their tactics to be more covert, using entry vectors not previously seen or used extensively. This means once again, business leaders must evaluate their defences to ensure sufficient protection is in place to stop the latest and most pressing threats.”

Another shift in the first half of the year is toward unusual malware types, such as fileless, macro and small file malware. Trend Micro recorded a 250 per cent increase in detections of one particular small file malware, TinyPOS, compared to 2H 2017, which may be due to the increased ability of these malware types to circumvent defences that employ only one type of security protection.

Additionally, the Trend Micro Zero Day Initiative (ZDI) published more than 600 advisories in the first six months of 2018. Based on this increase in advisories, the ZDI is able to predict what types of vulnerabilities will likely be used next in real-world attacks. Among the advisories this year, the ZDI purchased and disclosed twice as many SCADA vulnerabilities compared to the same time last year. IT security managers running these environments must stay alert to this growing threat, especially as actors begin to perform destructive attacks rather than mere reconnaissance and testing.

Faced with rapidly evolving threats, organisations need to consolidate using a vendor that can provide complete, multi-layered protection against both commodity malware and emerging threats. Trend Micro’s leading threat intelligence collected over 30 years of business allows comprehensive protection, blocking more than 20 billion threats so far this year and counting.

(source)