Trend Micro has released its report on the state of security in the first half of 2017. Entitled “2017 Midyear Security Roundup: The Cost of Compromise”, it looks at the various aspects of security that have played out so far this year. WannaCry and Petya ransomware are never far from our minds, definitely.
Highlights of the research paper include:
- APAC topped all the regions in terms of global ransomware threats – it was revealed to have accounted for 35.7% amongst other regions.
- Additionally, APAC also surpassed other regions by a huge margin, with more than 436 million malware detections observed – The top three malware detected were DocDrop, DOWNAD, and WannaCry.
- Over 47 million malicious mobile apps were downloaded by users in APAC, the highest amongst other regions – EMEA users downloaded 30 million apps; North America and Latin America accounting for eight million and six million malicious mobile downloads respectively.
- Exploit kits are a prominent threat in the APAC region, with a total of 556,542 kits detected within six months – The amount was quadruple that of North America, which came in second place (120,470).
The report can be viewed here.
APAC consistently ranks on top across multiple threat categories in the first half of 2017
Globally, ransomware and business email compromise scams continue to plague enterprises; new threats such as fake news and robotics attacks are growing
SINGAPORE, September 20, 2017 – Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global leader in cloud security solutions, today revealed that Asia Pacific (APAC) had been heavily hit from January to June 2017, leading other regions in most threat categories.
Globally, Trend Micro detected 82 million ransomware threats and found that on average, 28 new ransomware families were created every month. The company also blocked more than 3,000 BEC attempts; and discovered and responsibly disclosed 382 new vulnerabilities.
In the meantime, cyberpropaganda reared its head in 2017 – cybercriminals started selling tools and services that helped create fake content, boost social media reach, and buy votes that can directly influence elections. Connected devices continue to be a problem too. In April, Trend Micro discovered the Persirai botnet targeting more than 1,000 Internet Protocol (IP) camera models. The company also found more than 83,000 exposed industrial routers and 28 exposed industrial robots.
“APAC was targeted by threats and cyberattacks disproportionately in the first half of the year. Companies in the region need to better understand cyberattacks and prioritize funds accordingly for effective security,” said Dhanya Thakkar, Managing Director and Vice President, Asia Pacific. “Based on the insights we gather, our team has been continually constructing a comprehensive threat intelligence database and innovating new products that can respond to the growing threats. That’s why we have started incorporating machine learning-based smart detection technology into all our solutions and gleaned good results.”
Key APAC Highlights and Insights:
- Out of the 82 million ransomware threats blocked, those targeting APAC entities accounted for 35.7% of all, the highest of all regions. This is followed by EMEA (25.24%), Latin America (22.66%), and North America (15.71%).
The successive successes of WannaCry and Petya attacks reinforced the need for consistent patching for enterprises across all industries. Despite Microsoft releasing a patch in March for the vulnerability CVE-2017-0144 or EternalBlue, which WannaCry and Petya exploited, the attacks still infected thousands of computers in April and in June.
Other noteworthy ransomware families that surfaced in the first half of the year included new variants of Cerber, an infamous ransomware now armed with anti-machine-learning capabilities; Patcher, which affected the MacOS; and the mobile ransomware SLocker.
The best defense against ransomware threats is to block them at the source level via web or email gateway solutions. Machine learning technology such as Trend Micro’s XGen™ is designed to detect ransomware threats by filtering them through multiple defense methods, leading to effective, comprehensive detection even for newly created, never-seen-before ransomware variants.
- In the first six months of the year, more than 436 million malware detections were observed in the APAC region, surpassing the numbers in all other regions by a huge margin. APAC is followed by North America (324 million) and EMEA (169 million). The top three malware found in the region are DocDrop, DOWNAD, and WannaCry. The most hit countries in the region are Japan, Australia, and Taiwan.
As industrial IoT devices continue to mushroom in APAC, the number of supervisory control and data acquisition (SCADA) system vulnerabilities is also increasing, providing fodder for malware attacks. Based on the findings from Trend Micro’s Zero Day Initiative program, there exists malware specially made to target these connected systems.
APAC also leads in the number of detections for online banking malware in the first half of the year, culminating in more than 118,193 malware discovered and blocked, four times more than EMEA (24,798) and five times more than North America (20,888). Japan, China, and Vietnam encountered most of the attacks.
- Trend Micro also found that more than 47 million malicious mobile apps were downloaded by users in APAC, much more than those from other regions. For instance, EMEA users downloaded 30 million such apps; the numbers are even lower in North America (eight million) and Latin America (six million).
- Exploit kits are another prominent threat in the APAC region, with a total of 556,542 detected within the six months, more than quadrupling the second place – North America (120,470).
The most distributed exploit kits for the first six months in APAC are Rig, Magnitude, Sundown, and Nebula. Exploit kits normally target popular software such as Adobe Flash, Java, and Microsoft Silverlight. In 2017, connected industrial systems became a popular target for exploit kits too. Some of them can be used to deliver ransomware, such as Rig, Magnitude, and Sundown.
About Trend Micro
Trend Micro Incorporated, a global leader in cybersecurity solutions, helps to make the world safe for exchanging digital information. Our innovative solutions for consumers, businesses, and governments provide layered security for data centers, cloud environments, networks and endpoints. All our products work together to seamlessly share threat intelligence and provide a connected threat defense with centralized visibility and control, enabling better, faster protection. With more than 5,000 employees in over 50 countries and the world’s most advanced global threat intelligence, Trend Micro enables organizations to secure their journey to the cloud. For more information, visit www.trendmicro.com.