
Fileless attacks surge as attackers look to boost ROI

30 Aug 2019

Fileless attacks have skyrocketed 265% this year compared to the first half of 2018, and there’s no sign that they will slow down.

Trend Micro’s Evasive Threats, Pervasive Effects: 2019 Midyear Security Roundup report indicates that attackers are targeting victims that could provide the greatest return on investment – namely businesses and other profitable environments.

In total, Trend Micro blocked more than 26.8 billion threats in the first half of 2019, which is an increase of more than 6 billion compared to the same period last year. Of note, 91% of these threats entered the corporate network via email.

Attackers are also commonly deploying threats that can’t be picked up by traditional security filters. This is because those threats can be executed in a system's memory, reside in the registry, or abuse legitimate tools.

“So-called fileless threats are not as visible as traditional malware since these typically do not write to disk, are usually executed in a system’s memory, reside in the registry, or misuse normally whitelisted tools like PowerShell, PsExec, or Windows Management Instrumentation,” the report notes.

Exploit kits have also risen 136% compared to the same time in 2018.

"Sophistication and stealth is the name of the cybersecurity game today, as corporate technology and criminal attacks become more connected and smarter," says Trend Micro’s director of global threat communications, Jon Clay.

"From attackers, we saw intentional, targeted, and crafty attacks that stealthily take advantage of people, processes and technology. However, on the business side, digital transformation and cloud migrations are expanding and evolving the corporate attack surface. To navigate this evolution, businesses need a technology partner that can combine human expertise with advanced security technologies to better detect, correlate, respond to, and remediate threats."

Cryptomining malware remains a prevalent threat this year, as attackers deploy these threats on servers and in cloud environments.

The number of routers involved in possible inbound attacks also increased 64% compared to the first half of 2018, with more Mirai variants searching for exposed devices.

Digital extortion attempts surged 319% compared to the second half of 2018. Business email compromise (BEC) scams remain a major threat, with detections jumping 52% compared to the past six months. Ransomware-related files, emails and URLs also grew 77% over the same period.

Trend Micro says that mitigating these advanced threats requires smart defense-in-depth that can correlate data from across gateways, networks, servers and endpoints to best identify and stop attacks.
