According to Trend Micro’s latest report, there was a threefold growth in fileless events which evaded traditional defenses. In the same period, email threats rose 30% for 1H 2019, compared to 2018 in Singapore.
Global cyber security firm Trend Micro publishes its roundup report for Q2 2019, revealing a surge in fileless attacks that take advantage of a machine’s built-in tools and applications for attacks, leaving no identifiable signature behind. According to the report, detections of this threat alone were up 265% compared to the first half of 2018.
The report also claims that email was still the most used threat vector deployed to infiltrate a corporate network and target unsuspecting employees. Email threats in Singapore saw a 30% increase for the first half of 2019, compared to the first half of 2018. This trend was possibly driven by cybercriminals moving to and favoring cloud-based or mobile platforms, such as Office 365, as avenues for scamming users and enterprises.
On a global level, business email compromise (BEC) remains a major threat, with detections jumping 52% compared to the past six months.
According to Trend Micro Vice President Nilesh Jain, the CEO remained the most spoofed position in BEC scams, as emails from CEOs tended to elicit a sense of urgency and inspire prompt action from the recipients. Employees targeted typically were those who were authorized to conduct wire transfers.
“Email remained a top threat vector in Singapore – we saw intentional, targeted, and crafty attacks that stealthily take advantage of people, processes, and technology. To navigate this evolution, businesses need a technology partner to build a secure foundation in cybersecurity, which is essential to driving Singapore’s Smart Nation agenda. The future of email security will also contend with threats that arise from the integration of workplace collaboration tools, such as Slack or Dropbox, with email platforms. As a rule of thumb, organizations should ensure that IT personnel are briefed and educated about the security repercussions, and put in sufficient security at the email gateway and for internal emails that don’t cross the gateway,” says Jain.
The findings in 2019 so far confirm many of the predictions Trend Micro made last year. Namely, attackers are working smarter to target businesses and environments that will produce the greatest return on investment.
1H 2019 global threats trends at-a-glance
In terms of file-based threat components, crypto-mining malware remained the most detected threat in the first half of 2019, with attackers increasingly deploying these threats on servers and in cloud environments. Substantiating another prediction, the number of routers involved in possible inbound attacks jumped 64% compared to the first half of 2018, with more Mirai variants searching for exposed devices.
Digital extortion schemes soared by 319% from the second half of 2018, which aligns with previous projections.
Ransomware-related files, emails, and URLs grew 77% over the same period.
Exploit kits have also made a comeback, with a 136% increase compared to the same period in 2018.
In total, Trend Micro blocked more than 26.8 billion threats in the first half of 2019, over 6 billion more than the same period last year. Of note, 91% of these threats entered the corporate network via email. Mitigating these advanced threats requires smart defense-in-depth that can correlate data from across gateways, networks, servers and endpoints to best identify and stop attacks.
Download the full report Evasive Threats, Pervasive Effects: 2019 Midyear Security Roundup.
(Ed. Trend Micro says the primary source of data is Trend Micro’s Smart Protection Network (SPN), a global repository of threat intelligence. The data is collected from Trend Micro customers who have enabled the feedback mechanism from their products and solutions. Trend Micro Incorporated has more than 6,000 employees in over 50 countries and claims to be the world’s most advanced global threat intelligence company.)