lolloj - Fotolia
Trend Micro sounds alarm over rise in covert attacks
The vendor has tracked a shift away from mass ransomware attacks as criminals take a different approach
Trend Micro has warned customers to keep alert with some cyber criminals adopting different attack methods that move away from large scale offensives.
The vendor has provided its mid year security update and revealed that attackers are now looking to become more covert and are moving away from some of the tactics that caused such damage in the past.
The biggest change is a shift from large scale ransomware attacks to more covert attacks that are aimed at stealing both money and computing resources.
The computing power is in demand by those hijacking PCs to use the machines as part of digital currency mining efforts.
For the channel it means getting out in front of customers and explaining that the defences need to be tightened, with more focus on fending off the latest approaches.
“The recent change in the threat landscape mirrors what we’ve seen for years – cybercriminals will constantly shift their tools, tactics and procedures (TTPs) to improve their infection rates,” said Bharat Mistry, principal security strategist for Trend Micro.
“Standard spray and pray ransomware attacks and data breaches had become the norm, so attackers changed their tactics to be more covert, using entry vectors not previously seen or used extensively. This means once again, business leaders must evaluate their defenses to ensure sufficient protection is in place to stop the latest and most pressing threats," added Mistry.
One of the proposed answers that gets pitched to customers is to increase automation to help with the heavy lifting but research from Skybox Security indicates that much more work needs to be done on that front.
The firm found that APAC is ahead of the US and EMEA in using automation for processes involved in firewall rules and security policy. AI and machine learning is also something that so far appears to be more a concept than a reality for many users.
“It seems security leaders are still trying to understand where they’re going to get the most value out of automation, while also ensuring they’re not putting the organization at risk. There are many areas, however, where it is absolutely essential to implement automation — and, in fact, where the automation reduces risk," said Skybox director of product marketing, Sean Keef.
"Networks are simply becoming too large and complex to manage manually. If you’re not already working with a vendor in these areas, you should start looking for one," he added.
