Ransomware detections dropped by almost half, but the threat is only getting worse, says Trend Micro

3 years ago 287

Rather than indicating ransomware was a passing fad, the alteration successful onslaught measurement shows that attackers are starting to go much opportunistic and smarter astir picking targets.

Ransomware

Image: kaptnali, Getty Images/iStockphoto

Trend Micro has released a midyear cybersecurity report that makes 2 absorbing claims: First, that ransomware numbers decreased by astir fractional successful H1 2021 compared to H1 2020; and second, that the fig of recently reported vulnerabilities decreased, with a peculiarly ample dip successful the fig of captious flaws being reported. 

Don't fto that fool you into complacency: Unlike the 1H 2021 driblet successful COVID-themed phishing attacks that Trend Micro noticed, the dips mentioned supra don't bespeak that thing has tally its course; instead, it indicates changing tactics. 

SEE: Security incidental effect policy (TechRepublic Premium)

In the lawsuit of vulnerabilities, the driblet successful reports showed a disconnect with the fig of vulnerabilities being exploited successful the wild. The archetypal six months of 2021, Trend Micro said, "were marked with important vulnerability exploitation incidents, specified arsenic the ProxyLogon attacks," which was the cardinal exploit down the Microsoft Exchange server attacks. In addition, Trend Micro noted, Windows and Linux some proceed to beryllium plagued by known and caller vulnerabilities. 

Exploit quality isn't the biggest scare to travel retired of the midyear report: Ransomware quality should beryllium the large concern, and precisely due to the fact that the fig of attacks are decreasing. That decrease, Trend Micro said, is due to the fact that "attackers are moving from the opportunistic and quantity-focused exemplary to much targeted modern ransomware methods and big-game hunting."

Trend Micro divides ransomware into 2 varieties successful the report: Premodern and modern ransomware, some of which it said were among the apical 10 astir detected threats successful the archetypal fractional of 2021. Premodern ransomware is the benignant that drops the malicious codification straight from an email oregon atrocious URL, portion modern ransomware uses phishing and different exploits to driblet ransomware straight onto a instrumentality oregon web that has been compromised. As an example, Trend Micro cites WannaCry arsenic premodern and ransomware similar DarkSide, REvil and Nefilim arsenic modern variants. 

Popular ransomware targets successful the archetypal fractional of 2021 included banking, government, manufacturing, healthcare, nutrient and beverage, education, tech, finance, telecom and retail sectors.  

Ransomware: Still not the most-detected threat

If ransomware actors are to beryllium feared due to the fact that they're opening to get smarter astir targeting, past cryptocurrency mining malware is the menace due to the fact that of its sheer volume. In the archetypal fractional of 2021, cryptomining malware, which mines cryptocurrency utilizing computing resources it has infected without notifying the user, replaced WannaCry arsenic the astir prevalent menace household connected the internet.

"Cybercriminals proceed to rise the stakes for the enterprises and organizations that they target, arsenic they motorboat attacks from each angles," Trend Micro said. How does an enactment support itself from attacks coming from each angles? 

"Considering the antithetic types of malicious threats and the fig of progressive cybercriminal groups, it is captious that organizations found a robust and multilayered information system. Now much than ever, siloed tools and azygous layers of extortion that lone screen parts of the wide infrastructure are not a capable defence against the precocious cybercriminal campaigns being launched," Trend Micro concluded successful the report.

SEE: How to negociate passwords: Best practices and information tips (free PDF) (TechRepublic)

For IT, "optimal information solutions should supply indicators and analytics that springiness IT information teams a broad presumption of risks to their organization's strategy without inundating them with mountains of alerts and unnecessary data," the study said. 

Don't hide to see employees connected information grooming either, Trend Micro warns. "Ordinary users are captious parts of the information posture, arsenic they are often utilized to summation deeper entree into organizations. [They] should beryllium educated connected existent societal engineering tactics, arsenic staying informed and alert connected the latest threats volition assistance adjacent that introduction constituent for attackers."

Cybersecurity Insider Newsletter

Strengthen your organization's IT information defenses by keeping abreast of the latest cybersecurity news, solutions, and champion practices. Delivered Tuesdays and Thursdays

Sign up today

Also see

Read Entire Article