Trend Micro report finds cryptocurrency mining detections doubles, ransomware remains an enterprise threat

(Image by Darwin Laganzon/Pixabay)

In its Midyear Security Roundup 2018, cybersecurity firm Trend Micro finds out that cybercriminals now prefer to work stealthily for a more lucrative loot and malware are continuously evolving into more unrecognizable and smaller types.

Cybercriminals are also riding the wave of cryptocurrency and decided to divert their attention to the painstaking job of mining over the easy and quick-money ransomware.

According to Trend Micro report, along with the increase of interest in cryptocurrency, crytpo-jacking attempts are making the biggest impact so far this year. The firm reports a 96-percent increase in cryptocurrency mining detections for the first half of 2018 compared to all of 2017 and a 956 percent increase in detections versus the first half of 2017.

“The recent change in the threat landscape mirrors what we’ve seen for years – cybercriminals will constantly shift their tools, tactics, and procedures (TTPs) to improve their infection rates,” said Jon Clay, director of global threat communications for Trend Micro. “Standard spray and pray ransomware attacks and data breaches had become the norm, so attackers changed their tactics to be more covert, using entry vectors not previously seen or used extensively. This means once again, business leaders must evaluate their defenses to ensure sufficient protection is in place to stop the latest and most pressing threats.”

The effects of cryptocurrency miners on a network affect business efficiency because attacks can easily slow down network performance, consume power, and gradually wear down hardware. Trend Micro also detected 47 new cryptocurrency miner malware families in the first half of 2018 alone.

Ransomware attacks plateaued

Even if the Trend Micro report finds that ransomware attacks have significantly slowed down, it doesn’t mean enterprises can be complacent about it. In fact, the report saw a slight increase in ransomware detections during the first half of the year at 3 percent. Ransomware families detections, on the other hand, decreased by 36 percent.

Trend Micro notes that the “change of pace is likely due to the increased attention on ransomware and the resulting improvements in prevention and mitigation methods.”

The security firm discovered new malware types — fileless, macro, and small fileware — which challenges purely file-based security technologies. There is a 250-percent increase in TinyPOS small file malware this year compared to the second half of 2017, “which may be due to the increased ability of these malware types to circumvent defenses that employ only one type of security protection.”

In January, the company records 24,430 of fileless events detected; it increased to 38,189 in June.

The persistence of the criminals and the increasing number of attacks prompted Trend Micro Zero Day Initiatives (ZDI) to publish more than 600 advisories in the first half of this year.

“Based on this increase in advisories, the ZDI is able to predict what types of vulnerabilities will likely be used next in real-world attacks,” says Trend MIcro in its media release. “Among the advisories this year, the ZDI purchased and disclosed twice as many SCADA vulnerabilities compared to the same time last year. IT security managers running these environments must stay alert to this growing threat, especially as actors begin to perform destructive attacks rather than mere reconnaissance and testing.”