BEC, cryptojacking, phishing and fileless malware attacks all surged in 2018 as cyber-criminals increasingly moved away from one-size-fits-all approaches, according to Trend Micro.
The security vendor’s 2018 roundup report, Caught in the Net: Unraveling the Tangle of Old and New Threats, revealed it blocked over 48.3 billion threats over the 12 month period.
The vast majority of these (41.5 billion) were email borne.
They included over 269 million instances of phishing URL detections, a 269% increase compared to 2017. Also targeting users with social engineering is BEC, of which Trend Micro detected an extra 28% attempted attacks.
Cryptojacking detections passed the one million mark for the first time, a 237% increase from 2017 figures, with attack methods spread out across: abused ad platforms; pop-up ads; server exploits malicious browser extensions; mobile phones; plug-ins; botnets; bundling with legitimate software; exploit kits; and repurposed ransomware.
Fileless techniques showed the biggest rise in detections, up 819% over the year. The vendor warned that these attacks, which typically try to circumvent traditional filters, can usually be detected only via other means such as traffic monitoring, behavioral indicators or sandboxing.
Another trend is of cyber-criminals continuing to focus on exploiting known vulnerabilities rather than spending time and money on researching zero days. Trend Micro’s Zero Day Initiative (ZDI) bought and disclosed more vulnerabilities in 2018 than ever before.
“This reverse strategy of first studying a disclosed vulnerability, even if it has been patched in the same advisory, then developing an exploit for it has become quite common over the years,” the report noted. “But it appears that cyber-criminals are correct in assuming that not all enterprises will be able to patch their systems in time, if at all.”
The ZDI also bought and disclosed 224% more Industrial Control System bugs in 2018 including many in these systems’ Human Machine Interfaces (HMIs), which should be a concern for those managing operational technology environments.
Trend Micro noted a 91% decrease in ransomware threats over the year and a 32% drop in new ransomware families, but warned that it still remains a serious threat.
Interestingly, the number of threats blocked was down from 2017 (66.4 billion) and 2016 (81 billion) figures: perhaps an indication that they’re becoming more targeted.