
Fileless attacks surge as attackers look to boost ROI

30 Aug 2019

Fileless attacks have skyrocketed 265% this year compared to the first half of 2018, and there’s no sign that they will slow down.

Trend Micro’s Evasive Threats, Pervasive Effects: 2019 Midyear Security Roundup report indicates that attackers are targeting victims that could provide the greatest return on investment – namely businesses and other profitable environments.

In total, Trend Micro blocked more than 26.8 billion threats in the first half of 2019, which is an increase of more than 6 billion compared to the same period last year. Of note, 91% of these threats entered the corporate network via email.

Attackers are also commonly deploying threats that can’t be picked up by traditional security filters. This is because those threats can be executed in a system's memory, reside in the registry, or abuse legitimate tools.

“So-called fileless threats are not as visible as traditional malware since these typically do not write to disk, are usually executed in a system’s memory, reside in the registry, or misuse normally whitelisted tools like PowerShell, PsExec, or Windows Management Instrumentation,” the report notes.

Exploit kits have also risen 136% compared to the same time in 2018.

"Sophistication and stealth is the name of the cybersecurity game today, as corporate technology and criminal attacks become more connected and smarter," says Trend Micro’s director of global threat communications, Jon Clay.

"From attackers, we saw intentional, targeted, and crafty attacks that stealthily take advantage of people, processes and technology. However, on the business side, digital transformation and cloud migrations are expanding and evolving the corporate attack surface. To navigate this evolution, businesses need a technology partner that can combine human expertise with advanced security technologies to better detect, correlate, respond to, and remediate threats."

Cryptomining malware remains a prevalent threat this year, as attackers deploy these threats on servers and in cloud environments.

The number of routers involved in possible inbound attacks also increased 64% compared to the first half of 2018, with more Mirai variants searching for exposed devices.

Digital extortion attempts surged 319% compared to the second half of 2018. Business email compromise (BEC) scams remain a major threat, with detections jumping 52% compared to the past six months. Ransomware-related files, emails and URLs also grew 77% over the same period.

Trend Micro says that mitigating these advanced threats requires smart defense-in-depth that can correlate data from across gateways, networks, servers and endpoints to best identify and stop attacks.
