By Cameron Abbott and Colette Légeret
The first half of 2018 has been busy for cyber-criminals and cyber-security alike. According to Trend Micro, cryptocurrency mining detections have jumped 96% in this six month period compared to the total number detected in 2017.
In that same time, over 20 billion threats were blocked by Trend Micro’s Infrastructure, a few billion threats less than in the first half of 2017. Of these threats, less were “spray and pay” ransomware attacks and breaches, as cyber-criminals are flying under the radar with crypto-jacking, along with fileless, macro and small file malware techniques.
Bharat Mistry, Principal Security Strategist for Trend Micro, said that “the recent change in the threat landscape mirrors what we’ve seen for years – cyber-criminals will constantly shift their tools, tactics and procedures to improve their infection rates.”
Check Point warned that the number of global organisation affected by crypto-jacking has risen from 21% in the second half of 2017 to 48% in the first half of 2018, and estimates that cyber-criminals made $2.5 billion in those six months.
Despite the advent of the GDPR, data breach reporting remained consistent during the first half of 2018, although the number of Supervisory Control and Data Acquisition vulnerabilities reported by Trend Micro’s Zero Day Initiative programme doubled when compared to those reported in the first half of 2017.
Trend Micro warns operators of Human Machine Interface systems that they should be on the lookout for bugs, as threat actors are ramping up attacks from reconnaissance to destructive raids.
We have commented before that cyber-crime is big business and our anecdotal experience is and remains a steady increase in incidents caused by cyber-criminals. Many of these attacks are best defended by a well-trained and thus are workforce.