Trend Micro Report: Email Remains Top Threat Vector To Infiltrate Network

Trend Micro Report: 265 Percent Growth in Fileless Events That Evade Traditional Defenses

Trend Micro Incorporated has published its roundup report for the first half of 2019, revealing a surge in fileless attacks[1] that take advantage of a machine’s built-in tools and applications for attacks, leaving no identifiable signature behind. Detections of this threat alone were up 265 percent compared to the first half of 2018.

Fileless threats employ a variety of techniques as part of its infection routine. These can come from malicious macro codes in the form of JavaScript or VisualBasic (VBA) scripts embedded within Office documents, PDFs, archives, or seemingly benign files.

The report also revealed that email was still the most used threat vector deployed to infiltrate a corporate network and target unsuspecting employees. Email threats[2] in Singapore saw a 30 percent increase for the first half of 2019, compared to the first half of 2018. This trend was possibly driven by cybercriminals moving to and favoring cloud-based or mobile platforms, such as Office 365, as avenues for scamming users and enterprises.

Advertisments

On a global level, business email compromise (BEC) remains a major threat, with detections jumping 52 percent compared with the past six months. The CEO remained the most spoofed position in BEC scams, as emails from CEOs tended to elicit a sense of urgency and inspire prompt action from the recipients. Employees targeted typically were those who were authorised to conduct wire transfers.

“Email remained a top threat vector in Singapore – we saw intentional, targeted, and crafty attacks that stealthily take advantage of people, processes, and technology. To navigate this evolution, businesses need a technology partner to build a secure foundation in cybersecurity, which is essential to driving Singapore’s Smart Nation agenda,” said Nilesh Jain, vice president of Southeast Asia and India, Trend Micro.

“The future of email security will also contend with threats that arise from the integration of workplace collaboration tools, such as Slack or Dropbox, with email platforms. As a rule of thumb, organisations should ensure that IT personnel are briefed and educated about the security repercussions, and put in sufficient security at the email gateway and for internal emails that don’t cross the gateway.”

The findings in 2019 so far confirm many of the predictions Trend Micro made last year. Namely, attackers are working smarter to target businesses and environments that will produce the greatest return on investment.

 

Further 1H 2019 global threats trends at-a-glance:

  • In terms of file-based threat components, cryptomining malware remained the most detected threat in the first half of 2019, with attackers increasingly deploying these threats on servers and in cloud environments. Substantiating another prediction, the number of routers involved in possible inbound attacks jumped 64 percent compared to the first half of 2018, with more Mirai variants searching for exposed devices.
  • Digital extortion schemes soared by 319 percent from the second half of 2018, which aligns with previous projections.
  • Ransomware-related files, emails, and URLs grew 77 percent over the same period.
  • Exploit kits[3] have also made a comeback, with a 136 percent increase compared to the same period in 2018.

In total, Trend Micro blocked more than 26.8 billion threats in the first half of 2019, over six billion more than the same period last year. Of note, 91 percent of these threats entered the corporate network via email. Mitigating these advanced threats requires smart defense-in-depth that can correlate data from across gateways, networks, servers and endpoints to best identify and stop attacks.

[1] Fileless threats: Fileless threats leave no identifiable signature that could trigger traditional security software detection, allowing them to bypass standard security mechanisms and potentially undermine the purpose of affected legitimate programs

[2] Email threats: Any email with potentially malicious activity, including phishing emails, spams, business email compromise, emails with malicious URLs or attachments

[3] Exploit kit: A type of toolkit that that cybercriminals use to attack vulnerabilities in systems so they can distribute malware or perform other malicious activities

 

CLICK HERE FOR LATEST NEWS.

READ CURRENT AND PAST ISSUES OF IAA.

KEEP YOURSELF UPDATED, SUBSCRIBE TO IAA NOW!

AND DON’T FORGET FOLLOW US ON FACEBOOK, LINKEDIN AND TWITTER!

 

 

Yokogawa Supports World-First Implementation Of Module Type Package In An Industrial Environment
UL Establishes International Headquarters In Singapore