Midyear Security Roundup combines expansive Trend Micro data to offer business insights on growing threats
Trend Micro has released its Midyear Security Roundup 2018, revealing that cybercriminals are moving away from attention-grabbing ransomware attacks to more covert methods intended to steal money and valuable computing resources.
This report follows on the heels of Trend Micro’s annual cybersecurity conference – CLOUDSEC 2018 Singapore, which took place on 16 August. The one-day event saw 860 attendees including 109 CIOs, CISOs, and Heads of IT across ASEAN and India; and featured talks delivered by companies like Grab, Amazon Web Services, VMware, Forrester, Aviva, Cloud Security Alliance (CSA), and more. The attendees discussed many of the hot topics in the industry, such as endpoint protection and detection versus managed detection and response, cloud security, managing operations technology in the smart factory, the role of the CIO/CISO, to name a few.
Crypto-jacking attempts are making the biggest impact so far this year. Trend Micro recorded a 96 percent increase in cryptocurrency mining detections in 1H 2018 compared to all of 2017, and a 956 percent increase in detections versus 1H 2017. This indicates cybercriminals are shifting away from the quick payout of ransomware in favor of the slower, behind-the-scenes approach of stealing computing power to mine digital currency.
“The recent change in the threat landscape mirrors what we’ve seen for years – cybercriminals will constantly shift their tools, tactics and procedures (TTPs) to improve their infection rates,” said Nilesh Jain, Vice President, Southeast Asia and India, Trend Micro. “Standard spray-and-pray ransomware attacks and data breaches had become the norm, so attackers changed their tactics to be more covert, using entry vectors not previously seen or used extensively. This means once again, business leaders must evaluate their defenses to ensure sufficient protection is in place to stop the latest and most pressing threats.”
Another shift in the first half of the year is toward unusual malware types, such as fileless, macro, and small file malware. Trend Micro recorded a 250 percent increase in detections of one particular small file malware, TinyPOS, compared to 2H 2017. This may be due to the increased ability of these malware types being able to circumvent defenses that employ only one type of security protection.
Additionally, the Trend Micro Zero Day Initiative (ZDI) published more than 600 advisories in the first six months of 2018. Based on this increase in advisories, the ZDI is able to predict what types of vulnerabilities will likely be used next in real-world attacks. Among the advisories this year, the ZDI purchased and disclosed twice as many SCADA vulnerabilities compared to the same time last year. IT security managers running these environments must stay alert to this growing threat, especially as actors begin to perform destructive attacks rather than mere reconnaissance and testing.
Faced with rapidly evolving threats, organizations need to consolidate using a vendor that can provide complete, multi-layered protection against both commodity malware and emerging threats. Trend Micro’s leading threat intelligence collected over 30 years of business allows comprehensive protection, blocking more than 20 billion threats so far this year and counting.
For a complete look at the Midyear Security Roundup 2018, please visit: https://www.trendmicro.com/vinfo/sg/security/research-and-analysis/threat-reports/roundup/unseen-threats-imminent-losses
To learn more about CLOUDSEC Singapore and watch the recorded presentations, please follow our social media handles.
Twitter: @CLOUDSECtweets
LinkedIn: CLOUDSEC, CLOUDSEC Security News
Facebook: CLOUDSEC
YouTube: Team CLOUDSEC
About Trend Micro
Trend Micro Incorporated, a global leader in cybersecurity solutions, helps to make the world safe for exchanging digital information. Our innovative solutions for consumers, businesses, and governments provide layered security for data centers, cloud environments, networks, and endpoints. All our products work together to seamlessly share threat intelligence and provide a connected threat defense with centralized visibility and control, enabling better, faster protection. With more than 6,000 employees in over 50 countries and the world’s most advanced global threat intelligence, Trend Micro secures your connected world. For more information, visit www.trendmicro.com.