Trend Micro Incorporated, a Dallas-based cybersecurity company, has released its Mid-year Security Roundup, revealing that cybercriminals are moving away from attention-grabbing ransomware attacks to more covert methods intended to steal money and valuable computing resources.
Crypto-jacking attempts are making the biggest impact so far this year, according to the company, which reports a 96 percent increase in cryptocurrency mining detections in 1H 2018 compared to all of 2017, and a 956 percent increase in detections versus 1H 2017. This indicates cybercriminals are shifting away from the quick payout of ransomware in favor of the slower, behind-the-scenes approach of stealing computing power to mine digital currency.
“The recent change in the threat landscape mirrors what we’ve seen for years – cybercriminals will constantly shift their tools, tactics and procedures (TTPs) to improve their infection rates,” said Jon Clay, director of global threat communications for Trend Micro. “Standard spray and pray ransomware attacks and data breaches had become the norm, so attackers changed their tactics to be more covert, using entry vectors not previously seen or used extensively. This means once again; business leaders must evaluate their defenses to ensure sufficient protection is in place to stop the latest and most pressing threats.”
Another shift in the first half of the year is toward unusual malware types, such as fileless, macro and small file malware. Trend Micro recorded a 250 percent increase in detections of one particular small file malware, TinyPOS, compared to 2H 2017, which may be due to the increased ability of these malware types to circumvent defenses that employ only one type of security protection.
The company also reports twice as many SCADA vulnerabilities compared to the same time last year.
IT security managers must stay alert to the evolving threatscape, especially as criminals begin to perform destructive attacks rather than mere reconnaissance and testing.