Cybercriminals are getting more sneaky

null

Cybercriminals are moving away from attention-seeking ransomware attacks in favour of more covert methods to steal money and sensitive data according to a new report from Trend Micro.

The firm's recently released Midyear Security Roundup 2018 highlights emerging cyber threats and the latests tactics used by cybercriminals.

So far this year, cryptojacking has made the largest impact and Trend Micro recorded a 96 per cent increase in cyptocurrency mining detections during the first half of this year compared to all of 2017 and a 956 per cent increase in detections versus the first half of 2017. These figures clearly illustrate the fact that cybercriminals have begun to shift their focus from ransomware's quick payouts to the slower, behind-the-scenes approach of cryptojacking.

Principal Security Strategist at Trend Micro, Bharat Mistry provided further insight on this shift in activity, saying:

“The recent change in the threat landscape mirrors what we’ve seen for years – cybercriminals will constantly shift their tools, tactics and procedures (TTPs) to improve their infection rates. Standard spray and pray ransomware attacks and data breaches had become the norm, so attackers changed their tactics to be more covert, using entry vectors not previously seen or used extensively. This means once again, business leaders must evaluate their defenses to ensure sufficient protection is in place to stop the latest and most pressing threats.” 

Another shift outlined in the firm's report is toward unusual malware types such as fileless, macro and small file malware. Trend Micro recorded a 250 per cent increase in detections of the TinyPOS small file malware when compared to the second half of 2017. This is likely due to the increased ability of these malware types to circumvent defence measures that employ only one type of security protection.

The Trend Micro Zero Day Initiative (ZDI) also published over 600 adversaries during the first six months of 2018 which allows the firm to better predict the types of vulnerabilities that will likely be used next in real-world attacks.

The news that cybercriminals have moved on from ransomware attacks makes sense as organisations have been working to bolster their defences and perhaps we will see similar progress when it comes to preventing cryptojacking next year.

Image Credit: David McBee / Pexels