Trend Micro recently released its 2019 Mid Year Security Roundup: Evasive Threats, Pervasive Effects, and found that organizations are dealing with a wide range of security threats, from ransomware and malware to phishing and high-impact vulnerabilities.
The report found that in the first half of 2019, attackers were more strategic when selecting ransomware targets, focusing mostly on large enterprises and government entities. The infamous WannaCry ransomware, which devastated organizations worldwide in 2017, remained the most detected ransomware strain by a landslide, followed by LockerGoga, RobbinHood, Ryuk, BitPaymer, and MegaCortex. The WannaCry ransomware was detected between 40,000 and 45,000 times during the first half of 2019.
LockerGoga infected Norsk Hydro, leaving the company with $5 million in incurred losses; RobbinHood infected systems at the City of Baltimore and left the city to pay $5.3 million to repair systems after the attack; and Ryuk infected systems at Lake City and Key Biscayne, which forced both cities to pay the ransom to recover encrypted files and systems.
Threat actors were also spotted using fileless techniques to distribute cryptocurrency mining malware, ransomware, and banking trojans. All these threats involved PowerShell abuse.
The report also found that Business Email Compromise (BEC) scams increased by over 50% compared to the second half of 2018, with attackers generally impersonating CEOs or other high-level executives to trick employees into transferring funds to their bank accounts. It was also reported last month by the Financial Crimes Enforcement Network (FinCEN) that cybercriminals conducting BEC scams make over $300 million per month from US victims alone.
The number of zero-day vulnerabilities detected is also on the rise: the report states that between January 2019 and June 2019 there were 40 rated as Critical, 335 listed as High, 101 as Medium, and 107 as Low.
To defend against this range of security threats, NNT suggests adopting the CIS Controls. The CIS Controls represent 20 critical areas that we must address in order to defend against today's most common and pervasive attacks.