The modus operandi morphed in 2019. Trend Micro saw ransomware increasingly becoming a secondary infection vector and alliances being forged to carry out an elaborate, complex ransomware scheme.
Under the partnership, one group gains access to a network and sells that access to another group to execute a ransomware attack. This shows that groups are becoming more specialized and segmenting the pieces of a cybercriminal business model.
Top threat vectors
The Trend Micro roundup report also revealed that email remained the top threat vector used by cybercriminals in 2019. Globally, Trend Micro blocked 15% more email threats in 2019 than in 2018. This pattern held true in Singapore – Trend Micro blocked more than 413 million email threats in the city-state, a 19.9% increase from 2018.
Phishing continued to be the top threat to organizations in 2019 and started to feature advanced techniques. As a result, such threats targeting Office 365 increased twofold.
Business email compromise (BEC), a form of phishing attack, grew by 5% in 2019. Globally, BEC operators expanded from their traditional enterprise victims to encompass religious, educational, and non-profit organizations.
“Our 2019 findings revealed how cybercriminals recognized the high return on investment from ransomware and BEC scams – a single successful attempt could make for a lucrative yield, even factoring in the research and other efforts that went behind it,” said Nilesh Jain, vice president, Southeast Asia and India, Trend Micro.
Best-of-breed doesn’t work in security
He noted that the traditional approach of using numerous best-of-breed security solutions does not represent today’s state of the art in security.
“As the security stack becomes bloated, efficiencies need to be identified and had. By the end of the day, having 20 security solutions that don’t talk to each other at all may not be as effective as having five that do,” he added.
Known vulnerabilities remain key to successful cyberattacks, including ransomware. In 2019, Trend Micro’s Zero Day Initiative disclosed 171% more high-severity vulnerabilities than in 2018. The criticality score reflects the likelihood of these flaws being leveraged by attackers, so high-severity bugs are more likely to be weaponized and their patches should be prioritized.