
Fileless attacks surge as attackers look to boost ROI

30 Aug 2019

Fileless attacks have skyrocketed 265% this year compared to the first half of 2018, and there’s no sign that they will slow down.

Trend Micro’s Evasive Threats, Pervasive Effects: 2019 Midyear Security Roundup report indicates that attackers are targeting victims that could provide the greatest return on investment – namely businesses and other profitable environments.

In total, Trend Micro blocked more than 26.8 billion threats in the first half of 2019, which is an increase of more than 6 billion compared to the same period last year. Of note, 91% of these threats entered the corporate network via email.

Attackers are also commonly deploying threats that can’t be picked up by traditional security filters. This is because those threats can be executed in a system's memory, reside in the registry, or abuse legitimate tools.

“So-called fileless threats are not as visible as traditional malware since these typically do not write to disk, are usually executed in a system’s memory, reside in the registry, or misuse normally whitelisted tools like PowerShell, PsExec, or Windows Management Instrumentation,” the report notes.

Exploit kits have also risen 136% compared to the same time in 2018.

"Sophistication and stealth is the name of the cybersecurity game today, as corporate technology and criminal attacks become more connected and smarter," says Trend Micro’s director of global threat communications, Jon Clay.

"From attackers, we saw intentional, targeted, and crafty attacks that stealthily take advantage of people, processes and technology. However, on the business side, digital transformation and cloud migrations are expanding and evolving the corporate attack surface. To navigate this evolution, businesses need a technology partner that can combine human expertise with advanced security technologies to better detect, correlate, respond to, and remediate threats."

Cryptomining malware remains a prevalent threat this year, as attackers deploy these threats on servers and in cloud environments.

The number of routers involved in possible inbound attacks also increased 64% compared to the first half of 2018, with more Mirai variants searching for exposed devices.

Digital extortion attempts surged 319% compared to the second half of 2018. Business email compromise (BEC) scams remain a major threat, with detections jumping 52% compared to the past six months. Ransomware-related files, emails and URLs also grew 77% over the same period.

Trend Micro says that mitigating these advanced threats requires smart defense-in-depth that can correlate data from across gateways, networks, servers and endpoints to best identify and stop attacks.
