Online extortion dominates security threats this year
By Digital News Asia September 26, 2016
- Newly discovered ransomware already exceed 2015
- Thousands of extortion threats recorded in Malaysia
TREND Micro, the security software and solutions company, recently hosted Cybercrime 2016, its inaugural threat defense summit in Malaysia. The summit was a central platform for businesses to learn and adopt security solutions that can cope with the rapid pace of digitisation, as well as the fast adoption of cloud and the Internet of Things (IoT).
At the conference, Trend Micro predicted 2016 to be a year of online extortion through various malicious attack methods. This is evident during the first six months of 2016 alone. The company says it has discovered a total of 79 new ransomware families – a figure that eclipsed the number of ransomware families detected in the whole of 2015.
The discovery also marked a 172 percent increase in ransomware families for the first half of 2016. Aside from ransomware, Business Email Compromise (BEC) attacks (scam tactics which compromise business accounts in order to facilitate unauthorised fund transfers), also remained persistent. According to Trend Micro, they should be considered one of the most dangerous threats to organisations.
“The threat landscape is constantly evolving and it changes the way businesses operate today. As cybercriminals continue to creatively evolve and unleash customised cyber threats capable of crippling organisations, it has become imperative for enterprises to find ways in always staying one step ahead,” said Dhanya Thakkar, Director, Trend Micro APAC. “Ransomware and BEC scams have dominated the threat landscape so far in 2016, causing immense losses to businesses across multiple industries. Enterprises must adopt multi-layered security solutions to optimally combat these threats.”
Globally, Trend Micro detected and blocked almost 80 million ransomware threats in the first half of 2016. According to the Federal Bureau of Investigation (FBI), in the first three months of the year, ransomware caused enterprises a total of US$209 million in monetary losses. In Malaysia, there were close to 100,000 threats recorded in the first half of 2016 across various businesses.
Trend Micro’s initial findings further revealed that BEC scams are most prevalent in the United States, the United Kingdom, Hong Kong, Japan, and Brazil. The FBI listed over 22,000 victims due to BEC scams from January 2015 to June 2016, with over US$3 billion in total losses all over the world. BEC scams in Malaysia are also on the rise with close to 8,000 recorded cases in the first two quarters of 2016.
“The rapid rise of ransomware and BEC cases is a clear indication of their continued threat and enterprises must take immediate measures not only to protect themselves today, but also grow their security capabilities on par with these threats. To do this, a major paradigm shift is required of business owners and decision makers; cyber security has to be seen as a fundamental and indispensable element of a sound business plan, instead of a quick fix-it when attacks occur,” Goh Chee Hoh, Managing Director, Trend Micro Malaysia.
Watch this video below for an overview of the predicted security threats this year.
According to the security report, next generation technologies will also be seen as viable targets. The continuing growth of smart-connected home devices will drive cyber attackers to use unpatched vulnerabilities as a way to stage a full-blown attack. While there are no signs of a wide scale attack coming, the likelihood of a failure in consumer-grade smart devices resulting to physical harm is highly probable.
In the mobile arena, next generation payment methods will pique the interest of online criminals from EMV credit cards to mobile wallets, challenging supposed "safer" payment platforms. Mobile malware is expected to grow exponentially, given the lax user behaviour and the availability of third-party app stores in China.
Cybercrime 2016 witnessed a record number of participation by startups, SMEs, MNCs and governing bodies. Cybercrime, Executive Threat Defense Summit featured keynotes and panel sessions by global and regional security experts sharing best practices in cybersecurity.