Trend Micro Incorporated, a global leader in cybersecurity solutions, has published its roundup report for the first half of 2019, revealing a surge in fileless attacks that take advantage of a machine’s built-in tools and applications for attacks, leaving no identifiable signature behind. Detections of this threat alone were up 265% compared to the first half of 2018.
The report also revealed that email was still the most used threat vector deployed to infiltrate a corporate network and target unsuspecting employees. Email threats in Singapore saw a 30% increase for the first half of 2019, compared to the first half of 2018. This trend was possibly driven by cybercriminals moving to and favouring cloud-based or mobile platforms, such as Office 365, as avenues for scamming users and enterprises.
On a global level, business email compromise (BEC) remains a major threat, with detections jumping 52% compared to the past six months. The CEO remained the most spoofed position in BEC scams, as emails from CEOs tended to elicit a sense of urgency and inspire prompt action from the recipients. Employees targeted typically were those who were authorized to conduct wire transfers.
“Email remained a top threat vector in Singapore – we saw intentional, targeted, and crafty attacks that stealthily take advantage of people, processes, and technology. To navigate this evolution, businesses need a technology partner to build a secure foundation in cybersecurity, which is essential to driving Singapore’s Smart Nation agenda,” said Nilesh Jain, vice president of Southeast Asia and India, Trend Micro.
“The future of email security will also contend with threats that arise from the integration of workplace collaboration tools, such as Slack or Dropbox, with email platforms. As a rule of thumb, organizations should ensure that IT personnel are briefed and educated about the security repercussions, and put in sufficient security at the email gateway and for internal emails that don’t cross the gateway.”
The findings in 2019 so far confirm many of the predictions Trend Micro made last year. Namely, attackers are working smarter to target businesses and environments that will produce the greatest return on investment.
Further 1H 2019 global threats trends at-a-glance:
- In terms of file-based threat components, crypto-mining malware remained the most detected threat in the first half of 2019, with attackers increasingly deploying these threats on servers and in cloud environments. Substantiating another prediction, the number of routers involved in possible inbound attacks jumped 64% compared to the first half of 2018, with more Mirai variants searching for exposed devices.
- Digital extortion schemes soared by 319% from the second half of 2018, which aligns with previous projections.
- Ransomware-related files, emails, and URLs grew 77% over the same period.
- Exploit kits have also made a comeback, with a 136% increase compared to the same period in 2018.
In total, Trend Micro blocked more than 26.8 billion threats in the first half of 2019, over 6 billion more than the same period last year. Of note, 91% of these threats entered the corporate network via email. Mitigating these advanced threats requires smart defence-in-depth that can correlate data from across gateways, networks, servers and endpoints to best identify and stop attacks.
 Fileless threats: Fileless threats leave no identifiable signature that could trigger traditional security software detection, allowing them to bypass standard security mechanisms and potentially undermine the purpose of affected legitimate programs
 Email threats: Any email with potentially malicious activity, including phishing emails, spams, business email compromise, emails with malicious URLs or attachments
 Exploit kit: A type of toolkit that that cybercriminals use to attack vulnerabilities in systems so they can distribute malware or perform other malicious activities