A new report from Trend Micro — an IT security company with a prominent presence in Kanata North — cautions businesses to keep a watchful eye over their remote workers and digital infrastructure as hackers increase their rate of attack globally.
Though the number of threats Trend Micro detected in 2021 increased 42 per cent year-on-year to over 94 billion, they shrank in some areas, indicating that attacks are becoming more targeted — particularly towards critical businesses and industries more likely to pay hefty extortion fees. Extortion tactics have also doubled, ensuring hackers are able to profit should companies give in.
The report found that these “threat actors,” as they are known within the cybersecurity field, are getting better at exploiting human error to compromise cloud infrastructure and remote workers in particular. Given that research shows home workers are often prone to take more cybersecurity-related risks than those in the office, phishing has become a particular risk to companies and employees alike. Trend Micro’s Cloud App Security detected and prevented 25.7 million email threats in 2021 compared to 16.7 million in 2020, with the volume of blocked phishing attempts nearly doubling over the period.
Incorrectly configured cloud systems were also found to pose significant problems to organizations, with specific programs exposing them to attacks from groups that use cloud systems as a platform through which to derive the computing power needed to mine for cryptocurrency. This form of cloud system exploitation has become increasingly common in recent years as more businesses leave unneeded and unattended-to cloud systems online, allowing them to become so unpatched and unconfigured that they devolve into easily exploited targets for crypto threat actors.
“Just a few hours of compromise could result in profits for the perpetrators. That’s why we’re seeing a continuous fight for cloud CPU resources,” said Stephen Hilt, senior threat researcher at Trend Micro. “It’s akin to a real-life capture-the-flag, with the victim’s cloud infrastructure the battleground.”
On one hand, this extra computing workload threatens to slow key user-facing services for victimized organizations, which can increase operating costs by up to 600 per cent for every infected system. On the other hand, cryptomining may also serve as a precursor to more serious compromises, as after using the capture cloud system to mine, many threat actors will sell access to it for those looking to employ ransomware, data theft, and more.
While 2021 was a record year for new vulnerabilities, Trend Micro also found that 22 per cent of the exploits sold in the cybercrime underground last year were over three years old, meaning that patching old vulnerabilities remains an essential task alongside monitoring for new threats.
“Attackers are always working to increase their victim count and profit, whether through quantity or effectiveness of attacks,” said Clay. Nevertheless, “the breadth and depth of our global threat intelligence allows us to identify shifts in how malicious actors target their victims across the world,” allowing software companies the ability to protect organizations from a variety of cyber risks.
