Threat actors are getting better at exploiting human error

Trend Micro has found that businesses are seeking new ways to protect their expanding attack surface and maintain stability as cyber attacks keep growing

Global cybersecurity leader, Trend Micro, is warning of a growing risk to digital infrastructure and remote workers as threat actors increase their rate of attack on organisations and individuals.

According to the company, ransomware attackers are shifting their focus to critical businesses and industries more likely to pay, and double extortion tactics ensure that they are able to profit. Ransomware-as-a-service offerings have opened the market to attackers with limited technical knowledge – but have also given rise to more specialisation, such as initial access brokers who are now an essential part of the cybercrime supply chain.

"Attackers are always working to increase their victim count and profit, whether through quantity or effectiveness of attacks," said Jon Clay, vice president of threat intelligence at Trend Micro. "The breadth and depth of our global threat intelligence allows us to identify shifts in how malicious actors target their victims across the world. Our latest research shows that while Trend Micro threat detections rose 42% year-on-year in 2021 to over 94 billion, they shrank in some areas as attacks became more precisely targeted."

Attackers exploit the cloud 

Trend Micro's cybersecurity platform protects organisations and individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a range of advanced threat defence techniques optimised for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. 

Threat actors are getting better at exploiting human error to compromise cloud infrastructure and remote workers. The Trend Micro Cloud App Security (CAS) detected and prevented 25.7 million email threats in 2021 compared to 16.7 million in 2020, with the volume of blocked phishing attempts nearly doubling over the period. Research shows home workers are often prone to take more risks than those in the office, which makes phishing a particular risk.

In the cloud, incorrectly configured systems continue to plague organisations. Services such as Amazon Elastic Block Store and Microsoft Azure's Virtual Machine were among the services that had relatively high misconfiguration rates. 

Increasing attempts at personalised phishing attacks

Business email compromise (or. BEC) is a form of phishing attack where a criminal attempts to trick a senior executive (or budget holder) into transferring funds, or revealing sensitive information.

Unlike standard phishing emails that are sent out indiscriminately to millions of people, BEC attacks are crafted to appeal to specific individuals, and can be even harder to detect. BEC is a threat to all organisations of all sizes and across all sectors, including non-profit organisations and government.

BEC saw detections drop 11%. However, CAS blocked a higher percentage of advanced BEC emails, which could be detected only by comparing the writing style of the attacker with that of the intended sender. These attacks comprised 47% of all BEC attempts in 2021 versus 23% in 2020.

While 2021 was a record year for new vulnerabilities, Trend Micro research shows that 22% of the exploits sold in the cybercrime underground last year were over three years old. Patching old vulnerabilities remains an essential task alongside monitoring for new threats to prevent cyber-attacks and ensure strong security posture.

 

Share

Featured Articles

Zscaler and NVIDIA Join to Upskill Zero Trust with Gen AI

NVIDIA is joining with Zscaler to help integrate its AI solutions into their Zero Trust Exchange platform and Zscaler ZDX Copilot

Gigamon Sound Alarm on Cloud Security as Unseen Attacks Soar

Gigamon's latest Hybrid Cloud Security Survey shows unseen cyber attacks have increased 20% year on year

Helping APAC Curb the Threat of Cyber Attacks

With cyberattacks continuing to rise across the Asia-Pacific (APAC) region, technology advancements are having to intensify to thwart threat actors

SolarWinds: IT Staff Dubious on Organisation's AI Readiness

Technology & AI

Is Stress a Driving Force Behind the Cyber Skills Shortage?

Operational Security

Rapid7 AI Engine Update Sees Gen AI Supporting SOC With MDR

Technology & AI