Story image

Why cybercriminals are moving away from attention-grabbing ransomware attacks

Trend Micro released its Midyear Security Roundup 2018, revealing that cybercriminals are moving away from attention-grabbing ransomware attacks to more covert methods intended to steal money and valuable computing resources.

Crypto-jacking attempts are making the biggest impact so far this year. In Australia, Trend Micro recorded a 32% increase in cryptocurrency mining detections between Q1 and Q2 2018. 

This was also reflected on a global level as Trend Micro recorded a 96% increase in cryptocurrency mining detections in 1H 2018 compared to all of 2017 and a 956% increase in detections versus 1H 2017. 

This indicates cybercriminals are shifting away from the quick payout of ransomware in favour of the slower, behind-the-scenes approach of stealing computing power to mine digital currency.

The report also reveals a steady increase in business email compromise (BEC) attempts in 1H 2018 compared to 2H 2017, showcasing an interesting trend that sees cybercriminals attempt to carry out subtle, low-tech attacks that yield high monetary returns. 

Research by Trend Micro also detected the highest number of BEC attempts in Australia in 1H 2018. This reaffirms the need for Australian organisations to use both training and technology to thwart even low-tech cyberattacks.

Another shift in the first half of the year is toward unusual malware types, such as fileless, macro and small file malware. 

Trend Micro recorded a 250% increase in detections of one particular small file malware, TinyPOS, compared to 2H 2017, which may be due to the increased ability of these malware types to circumvent defences that employ only one type of security protection.

Additionally, the Trend Micro Zero Day Initiative (ZDI) published more than 600 advisories in the first six months of 2018. Based on this increase in advisories, the ZDI is able to predict what types of vulnerabilities will likely be used next in real-world attacks. 

Among the advisories this year, the ZDI purchased and disclosed twice as many SCADA vulnerabilities compared to the same time last year. IT security managers running these environments must stay alert to this growing threat, especially as actors begin to perform destructive attacks rather than mere reconnaissance and testing.

Faced with rapidly evolving threats, organisations need to consolidate using a vendor that can provide complete, multi-layered protection against both commodity malware and emerging threats. 

Trend Micro’s leading threat intelligence collected over 30 years of business allows comprehensive protection, blocking more than 20 billion threats so far this year and counting. In Australia, Trend Micro blocked over 140 million email threats in the first half of 2018.

Veeam releases v3 of its MS Office backup solution
One of Veeam’s most popular solutions, Backup for Office 365, has been upgraded again with greater speed, security and analytics.
Too many 'critical' vulnerabilities to patch? Tenable opts for a different approach
Tenable is hedging all of its security bets on the power of predictive, as the company announced general available of its Predictive Prioritisation solution within Tenable.io.
Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Cryptojacking and failure to patch still major threats - Ixia
Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.
Princeton study wants to know if you have a smart home - or a spy home
The IoT research team at Princeton University wants to know how your IoT devices send and receive data not only to each other, but also to any other third parties that may be involved.
Organisations not testing incident response plans – IBM Security
Failure to test can leave organisations less prepared to effectively manage the complex processes and coordination that must take place in the wake of an attack.