Since the Covid-19 pandemic forced increased digitalisation, threat detections have increased exponentially, according to Trend Micro’s mid-year report on the latest developments and trends in cybersecurity.
For many IT decision-makers, this rapid digitalisation is cause for major concern, with 43% arguing that the digital attack surface is spiralling out of control and 37% describing it as constantly evolving and messy.
Considering the challenges faced by IT professionals, it is clear that there is a need for improved investment and understanding of the cyberattack landscape. Below are Trend Micro’s top 5 insights from the first half of 2022.
1) Old Favourites Make a Comeback
While new malware tends to receive the lion’s share of the spotlight, the first half of 2022 saw a significant resurgence of an old favourite, the commodity malware Emotet. Despite its infrastructure being taken down in 2021, detections of the botnet increased from 13 811 in 1H 2021 to 148 701 in 1H 2022. Researchers from AdvIntel named Conti, a prominent Malware-as-a-service (MaaS) group, as responsible for the growth in detections.
2) Malicious Actors Turn their Attention to Ukraine
Cyber warfare is a burgeoning trend, with prominent groups launching attacks on Ukrainian targets before and during the conflict with Russia. In addition to this, other threat actors are targeting individuals outside of the conflict, capitalising on curiosity and sympathy.
Turning their attention away from dwindling interest in Covid-19, many are now using requests for donations in their spam emails. A recent report from Interpol placed online scams through text messages and email at the top of the list of most prominent threats in Africa. This is supported by Trend Micro’s regional statistics for 1H 2022, which show well over 2,4-million blocked mails in the region, 5% of which came from top contributor, South Africa.
3) Ransomware as a Service Grows in Popularity
Ransomware as a service (RaaS) continues to grow as a threat, with LockBit, Conti, and BlackCat at the helm. This profitable approach to cybercrime allows would-be cybercriminals to access tools and infrastructure that otherwise would not have been available to them. The RaaS system places the responsibility of infection on affiliates, providing developers with a layer of protection and additional time in which to evolve their malware. The growing popularity of this approach is largely responsible for the 2,5-million detections worldwide, of which nearly 200 000 occurred in Africa.
4) Linux Becomes a Prime Target
Linux systems have become an attractive option for malicious actors looking to concentrate on servers and embedded systems, both areas where Linux is expected to see growth in the next few years. The new focus on the operating system became clear in 1H 2022, which saw a 75% increase in ransomware attacks targeting Linux machines. This emerging trend is concerning to organisations, as the targeted systems form part of their critical infrastructure and successful attacks have the potential to deal significant damage.
5) Cloud-Based Attacks Remain a Top Concern
Investment in cloud computing in Africa has continued to grow, particularly among South African SMEs. The same research claims that 80% of companies report positive operational changes within the first few months. However, these same advantages can also present security challenges. Top of this list are cloud tunnelling and containers. While cloud tunnelling allows users to swiftly deploy assets and services, it can also prevent full visibility of the deployed assets. Trend Micro found attackers are taking advantage of this by launching attacks in unconventional places where IT teams tend not to look.
Similarly, containers offer organisations increased speed and efficiency in their development cycles. However, many have failed to implement proper security controls, which can lead to compromise at various stages of the pipeline. Misconfigured container software remained a top concern in 1H 2022, with 53% of respondents in a recent Red Hat survey reporting misconfiguration detections on their containers.
In addition to the above trends, Trend Micro also found that the number of critical and high-severity vulnerabilities rose during this period. Although most detections and attacks are still aimed overseas, it is crucial that Africa invest in improved security measures. A critical part of this investment must be focused on resolving the skills shortage. While a comprehensive security solution like Trend Micro One can provide your systems with protection, skills development programs will play a key role in ensuring a safe future.