The increase in ransomware, cryptocurrency mining and business email compromise attempts throughout 2017 will continue this year as cybercriminals refine and target their attacks for greater financial return, says cybersecurity multinational Trend Micro.
Cybercriminals are increasingly abandoning exploit kits and spray-and-pray tactics in favour of more strategic attacks designed to improve their return on investment. They increasingly find they are able to gain more – whether it is money, data, or to cause reputation damage – by strategically targeting companies’ most valuable assets.
Trend Micro sub-Saharan Africa VP Indi Siriniwasa noted that South Africans fell victim to 15-million ransomware attacks in 2017, and Trend Micro products detected more than 10 000 incidents of mobile malware and online banking malware.
Further, according to a Trend Labs report, over 133-million incidents of malicious code were detected in South Africa.
South African businesses are at risk, like any other business globally. The global threat landscape is constantly evolving, with hackers leveraging the broader surface offered by the enormous availability of data, he said.
“Ransomware attacks will continue to affect organisations in 2018, and these attacks will increase both in volume and sophistication. Organisations need a layered security approach to keep one step ahead,” advised Siriniwasa.
More high-end malware for mobile devices is expected to be seen this year, as a result of an increase in the attacks. Phones are more difficult to hack than personal computers, but there is a greater wealth of information on them, he added.
Mobile banking malware risks are worsening, and consumers should install technologies that can detect the presence of malware on mobile devices.
“Similarly, cryptocurrency mining was the most-detected network event in devices connected to home routers in 2017, and this is set to increase in 2018.”
There is no silver bullet when it comes to the sheer range of cyberthreats facing organisations. Businesses need a cross-generational security solution that uses a blend of proven security protections with the best new defences to mitigate risk effectively, said Trend Micro global threat communications director Jon Clay.
Preventing damage from cyberthreats means preparing for them, but the next tier of digital threats requires next-level solutions, concurred Siriniwasa.
“Hackers are getting smarter and changing the game. The reality is that companies are playing catch-up, which is why it is important to ensure that your data is adequately protected.”
Trend Micro has launched its Smart Protection Network to offer businesses up-to-the-second threat intelligence. The solution delivers proactive global threat intelligence against zero-hour threats using the latest data science techniques, such as hybrid cloud-machine learning and cloud-based protection infrastructure, which gives businesses threat visibility across platforms, security layers and users globally.
INTERNET OF THINGS SECURITY
Securing Internet of Things (IoT) devices will be a major cybersecurity challenge this year. IoT devices could lead to breaches that are bigger and more invasive than we’ve ever seen, Siriniwasa stated.
Vulnerable IoT devices are also a major security risk across several trending threats. Trend Micro detected more than 45.6-million cryptocurrency mining events during the past year, representing a large percentage of all IoT events observed. The rates of cryptocurrency mining malware also soared, peaking at 100 000 detections in October 2017.
Similarly, there was a 32% increase in the number of new ransomware families created in 2017, and software vulnerabilities also continued to be targeted, with 1 009 new flaws discovered and disclosed in 2017 through Trend Micro’s Zero Day Initiative and more than 3 500 independent whitehat researchers.
As more and more of these connected devices are used in daily life, the IoT gets more complex, which can lead to performance issues or gaps for hackers to exploit.