Rethink security priorities

1 April 2019 News, Cyber Security

Trend Micro recently released its 2018 Security Roundup Report, which depicts a threat landscape that has evolved heavily through both approach and tactics. One shift in attacks that businesses should be aware of is the rapid growth of cryptocurrency mining, which increased 237%. Overall, attacks that capitalise on the human desire to respond to urgent requests from authority are on the rise, such as business email compromise (BEC) and phishing, with phishing URL detections having increased 269% compared to 2017.

“The changes across the threat landscape in 2018 reflect a change in cybercriminal’s mindset,” said Jon Clay, director of global threat communications for Trend Micro. “Today’s most prevalent attacks are targeted and well planned, as opposed to one-size-fits-all attacks of the past. Knowing this pattern, we’re developing products that can outsmart these attack methods and allow us to be one step ahead of the bad guys.”

The number of BEC attacks in 2018 increased by 28%. While these attacks are less frequent than phishing attacks, they are more sophisticated and take more careful planning for cybercriminals and they yield an average of $132 000 per attack. As these attacks contain no malware and go undetected by traditional security measures, companies need to increase their protection against these attacks with smart solutions that analyse the email writing style of key executives in order to identify whether the email may be fraudulent. Trend Micro’s Writing Style DNA does exactly that and effectively helps detect business email compromise (BEC) attacks.

Another area of change across the threat landscape in 2018 was seen in zero-day vulnerabilities. Trend Micro’s Zero Day Initiative (ZDI) bought and disclosed more vulnerabilities in 2018 than ever before, including 224% more industrial control system bugs. This is particularly significant for organisations that struggle to implement patches across their systems. While zero-day exploits are less and less common, known vulnerabilities were used to execute the largest attacks in 2018. These tactics rely on vulnerabilities that have had patches available for months, even years, yet remain exposed in corporate networks.

Another strong indicator of how the threat landscape is shifting can be seen in the types of threats that decline. Ransomware detections decreased by 91% compared to 2017, along with a 45% decrease in new ransomware families. This reinforces the shift in attack tactics, as ransomware does not require extensive planning, technical skills or ingenuity due to the large number of resources available for malicious hackers in the cybercriminal underground.

To find out more on the key developments in the 2018 threat landscape, please visit: https://www.trendmicro.com/vinfo/gb/security/research-and-analysis/threat-reports/roundup/advanced-defenses-for-advanced-email-threats





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

iPulse to distribute Hitachi’s VeinID products
Issue 4 2021, iPulse Systems , News, Access Control & Identity Management
Hitachi Europe, a pioneer of finger vein biometric technology and iPulse Systems have announced a partnership to allow iPulse to distribute Hitachi’s VeinID products and solutions in Africa.

Read more...
Cloud Security 2021: Latest trends and insights
Issue 4 2021 , News
With cloud security continuing to be a hot topic in 2021, Fortinet and Cybersecurity Insiders decided to ask cybersecurity professionals around the world and across all industries for their latest insights.

Read more...
Panomera S-Series recognised with iF Design Award 2021
Issue 3 2021, Dallmeier Electronic Southern Africa , News
All Panomera models are equipped with the uniform Quick-Lock system, which makes them compatible with all mounting options – for wall, ceiling, mast and edge storage.

Read more...
AVeS launches cybersecurity awareness campaign
Issue 3 2021, AVeS Cyber Security , News
Amidst rising cybercrime, ongoing lockdowns and the Protection of Personal Information Act (PoPIA) deadline in South Africa, organisations and their employees are facing a staggering increase in cyber risks.

Read more...
PoPIA: De-identifying, matching and filing
Issue 3 2021 , Editor's Choice, News, Security Services & Risk Management
Three of the crucial areas in organisational PoPIA compliance that must be discussed include de-identifying, information matching programmes and filing systems.

Read more...
ONVIF releases Profile M
Issue 3 2021 , News, CCTV, Surveillance & Remote Monitoring
ONVIF has released Profile M to address the dynamic video analytics market as well as expanding the pathways for the use of metadata and event handling into other systems, such as access control, cloud services and IoT platforms.

Read more...
Top cybersecurity considerations for SMEs in 2021
Issue 3 2021 , Cyber Security, News
Cisco has published its 2021 SMB Security Outcomes Study, highlighting what SMB leaders are doing to thrive in today's ever-evolving threat landscape, as well as offering actionable insights on where they should focus.

Read more...
Never allow someone onto your property without asking questions first
Issue 3 2021, Fidelity Services Group , News, Security Services & Risk Management
Opportunistic criminals are always looking for easy targets. Being aware of basic personal safety measures can go a long way towards protecting you from impersonators and imposters.

Read more...
From the editor's desk: A storm in the cloud
Issue 4 2021, Technews Publishing , News
The latest ransomware attack, named Kaseya after a company that provides a number of tools to customers all over the world, has hit a number of companies ‘downstream. In other words, some of the companies ...

Read more...
Winners of the inaugural South Africa OSPAs
Issue 4 2021, Technews Publishing, Secutel Technologies, Cathexis Technologies , Editor's Choice, News, Integrated Solutions, Security Services & Risk Management
The presentation of the first-ever South Africa Outstanding Security Performance Awards (OSPAs) took place virtually on Thursday 3rd June 2021 as part of an internationally attended online thought leadership webinar.

Read more...