Trend Micro Incorporated, a global cybersecurity leader, today announced it blocked 146 billion cyber threats in 2022. It also revealed a massive 55% increase in overall threat detections and a 242% surge in blocked malicious files, as threat actors indiscriminately targeted consumers and organizations across all sectors.
Particularly in Malaysia, Trend Micro shared that:
- A total of 555 million attacks were blocked in 2022, a 16% increase year-on-year from 2021.
- It detected an increase of 16% in ransomware attacks in the country, up 16% from 2021.
- The number of detected malware surged by 71% in 2022 to over 50 million, likely due to threat actors taking advantage of unpatched virtual private networks (VPN), connected mobile devices, and back-end cloud infrastructure brought on by the new hybrid working model.
Goh Chee Hoh, Managing Director for Trend Micro Malaysia and Nascent Countries: “The unrivaled breadth of Trend Micro threat intelligence* reveals 2022 as a year when threat actors went ‘all-in’ to boost profits. A surge in backdoor detections is particularly concerning in showing us their success in making landfall inside networks. To manage risk effectively across a rapidly expanding attack surface, stretched security teams need a more streamlined, platform-based approach.”
The roundup report further revealed several interesting trends for 2022 and beyond:
- Ransomware groups rebranded and diversified in a bid to address declining profits. In the future, we expect these groups to move into adjacent areas that monetize initial access, such as stock fraud, business email compromise (BEC), money laundering, and cryptocurrency theft.
- An 86% increase in backdoor malware detections reveals threat actors trying to maintain their presence inside networks for a future attack. These backdoors primarily targeted web server platform vulnerabilities.
- Webshells were the top-detected malware of the year, surging 103% on 2021 figures.
- The top three MITRE ATT&CK techniques – a globally-accessible knowledge base of adversary tactics based on real-world observations – show us that threat actors are gaining initial access through remote services, then expanding their footprint within the environment through credential dumping to utilize valid accounts.
- A record number of Zero Day Initiative (ZDI) advisories (1,706) for the third year in a row is the result of a rapidly expanding corporate attack surface and researcher investment in automated analysis tools, which are finding more bugs. The number of critical vulnerabilities doubled in 2022. Two out of the top three CVEs reported in 2022 were related to Log4j.
- The ZDI observed an increase in failed patches and confusing advisories, adding extra time and money to corporate remediation efforts and exposing organizations to unnecessary cyber risk.
Trend Micro recommends that organizations adopt a platform-based approach to managing the cyber-attack surface, mitigate security skills shortages and coverage gaps, and minimize the costs associated with point solutions. This should cover the following:
- Asset management – Examine assets and determine their criticality, any potential vulnerabilities, the level of threat activity, and how much threat intelligence is being gathered from the asset.
- Cloud security – Ensure that cloud infrastructure is configured with security in mind to prevent attackers from capitalizing on known gaps and vulnerabilities.
- Proper security protocols – Prioritize updating software as soon as possible to minimize the exploitation of vulnerabilities. Options such as virtual patching can help organizations until vendors provide official security updates.
- Attack surface visibility – Monitor disparate technologies and networks within the organization, as well as any security system that protects them. It may be difficult to correlate different data points from siloed sources.
* It covers endpoints (Android & iOS, IoT, IIoT, PCs, Macs, Linux, servers), email, web and network layers, OT networks, cloud, home networks, vulnerabilities, consumers, businesses, and governments globally.
To read a full copy of the report, Rethinking Tactics: 2022 Annual Cybersecurity Report, please visit: https://www.trendmicro.com/vinfo/my/security/research-and-analysis/threat-reports/roundup/rethinking-tactics-annual-cybersecurity-roundup-2022