Trend Micro has said it stopped 146 billion cyber-threats in 2022, a 55% increase on the previous year and evidence of cyber-criminals widening their efforts to companies of all sizes and sectors.
The global security vendor compiled its annual roundup report, Rethinking Tactics, from threat intelligence generated across mobile, IoT, PC and server endpoints, email, web and network layers, OT networks, cloud, home networks, vulnerabilities, consumers, businesses and governments worldwide.
It revealed a 242% increase in the number of blocked malicious files and an 86% increase in backdoor malware detections – the latter indicative of threat actors successfully gaining initial access into targeted networks in greater numbers, the report claimed.
They’re doing this by targeting remote services such as telnet, SSH and VNC, before expanding their footprint inside networks by using valid accounts obtained through credential dumping, Trend Micro added.
Vulnerability exploitation was also a key tactic in the cybercrime armory in 2022. Trend Micro’s Zero Day Initiative (ZDI) published a record 1706 advisories last year, claiming this was down to the expanding attack surface of global companies and its researchers’ own improvements in automated bug detection.
The number of critical vulnerabilities doubled in 2022, while two out of the top three CVEs reported were related to Log4j. In 2021, all three were bugs in Microsoft Exchange.
Overall, webshells were the top detected malware, increasing 103% on 2021 figures, with a resurgent Emotet in second. LockBit and BlackCat were the top ransomware families of 2022.
The report also warned that ransomware groups are increasingly rebranding in a bid to stay under the radar of researchers and law enforcers, and are diversifying into adjacent areas to boost profits.
“Shifting to monetization of exfiltrated data would be easy for ransomware groups – many of the current RaaS organizations can capitalize on the tools they already have,” Trend Micro noted.
“We expect that in the future, the groups will also adopt other criminal business models that monetize initial access, such as stock fraud, business email compromise (BEC), money laundering and cryptocurrency theft, among others.”
Trend Micro’s 55% surge in malware detections is significantly higher than that of SonicWall, which said last week that its overall detections increased by only 2% year-on-year in 2022.