Rising instances of cyberattack are causing spiralling risk to digital infrastructures and remote workers.
Rising instances of cyberattack are causing spiralling risk to digital infrastructures and remote workers.
That’s the message laid out cybersecurity firm, Trend Micro, following a study into the intensity and likely impact of online hacks against global organisations and individuals.
The research shines a light on how ransomware attackers are shifting their focus to critical businesses and towards industries more likely to pay. Doubling of extortion tactics is helping to ensure that bad actors are able to profit.
Ransomware-as-a-Service (RaaS) offerings have opened the market to attackers with limited technical knowledge, but they have also given rise to greater specialisation, such as initial access brokers who are now an essential part of the cybercrime supply chain.
Online criminals are also getting better at exploiting human error to compromise cloud infrastructure and remote workers. Trend Micro detected and prevented 25.7 million email threats in 2021 compared to 16.7 million in 2020, with the volume of blocked phishing attempts nearly doubling over the period.
As hybrid arrangements develop for professionals around the world, new research shows how home workers can be prone to take more risks than those in the office, which makes phishing a particular risk.
In the cloud, incorrectly configured systems continue to plague organizations. Services such as Amazon Elastic Block Store and Microsoft Azure’s Virtual Machine were among the services that had relatively high misconfiguration rates.
Specialists also found that Docker REST APIs are frequently misconfigured, exposing them to attacks from groups like TeamTNT that deploy crypto-mining malware on affected systems.
Business email compromise (BEC) saw detections drop 11%. However, a higher percentage of advanced BEC emails are being blocked, communications that only could be detected by comparing the writing style of the attacker with that of the intended sender. These attacks comprised 47% of all BEC attempts in 2021 versus 23% in 2020.
While 2021 was a record year for new vulnerabilities, research shows that 22% of the exploits sold in the cybercrime underground last year were over three years old. Patching old vulnerabilities remains an essential task alongside monitoring for new threats to prevent cyber-attacks and ensure strong security posture.
Jon Clay, VP of threat intelligence at Trend Micro said:
“Attackers are always working to increase their victim count and profit, whether through quantity or effectiveness of attacks.
“The breadth and depth of our global threat intelligence allows us to identify shifts in how malicious actors target their victims across the world. Our latest research shows that while Trend Micro threat detections rose 42% year-on-year in 2021 to over 94 billion, they shrank in some areas as attacks became more precisely targeted,” Clay added.
PrivSec World Forum
Part of the Digital Trust Europe Series - will take place through May, June & July 2022, visiting five major cities;
Brussels | Stockholm | London | Dublin | Amsterdam
PrivSec World Forum is a two-day, in-person event taking place as part of the Digital Trust Europe series. Data protection, privacy and security are essential elements of any successful organisation’s operational make-up. Getting these things right can improve stakeholder trust and take any company to the next level.
PrivSec World Forum will bring together a range of speakers from world-renowned companies and industries—plus thought leaders and experts sharing case studies and their experiences—so that professionals from across all fields can listen, learn and debate.
No comments yet