Tag Archives: ransomware

Why Defence in Depth Should be Key for All CISOs Heading into 2017

by Bharat Mistry

The evolution of the threat landscape is a tricky thing to predict. After all, the nation states, cybercrime gangs and lone hacktivists we track always have the advantage of surprise. Just a few days ago we learnt of yet another new ransomware threat, for example. This one, dubbed “Popcorn Time”, even tries to lure victims into spreading the malware themselves, in return for a decryption key. It’s yet another example of the kind of black hat ingenuity we outline in our new 2017 predictions report, The Next Tier.

As attackers continue to evolve and hone their skills, the UK’s IT leaders must look towards a multi-layered combination of security tools to effectively mitigate risk on the endpoint.

Tip of the iceberg
Popcorn Time is just the tip of the iceberg. As Trend Micro predicts in the new report, new varieties of ransomware are likely to grow by 25% next year as cybercriminals look to target their wares at new systems and sectors. Those in heavy industry might find themselves particularly exposed as attackers realise they’re more likely to pay a significant sum to get mission critical production equipment back online. Even ATM and POS systems could be a target for similar reasons.

There will certainly be no shortage of vulnerabilities to exploit. But you may be surprised at their origin. As PC shipments decline and Microsoft gets better at securing its software, expect Apple and Adobe vulnerabilities to accelerate faster than newly discovered bugs in the Redmond giant’s systems. In fact, 2016 saw Adobe already outpace Microsoft on this front, while Apple had its biggest year to date in terms of the number of bugs found in its products. Vulnerability shielding as part of multi-layered protection is the best way to guard against zero day and unpatched flaws..

There’s also likely to be a great deal of innovation next year right at the top of the black hat evolutionary ladder – targeted attacks. New and unexpected techniques could stretch organisations to the limit unless they plan carefully. Hackers will scan for sandbox use in a bid to circumvent these next generation filters, and virtual machine (VM) escape bugs will become highly prized on the cybercrime underground for similar reasons.

Defence in depth
The key is not to rely on one or even a small handful of technologies. There isn’t a product on the planet that can stop everything the black hats can throw at us. That’s why it pays to invest in multiple layers of defence. These should range from web and email gateway protection, web reputation and app whitelisting to behaviour and integrity monitoring. The beauty of this approach is that if a threat manages to slip past one layer of protection it should eventually be blocked by another.

That’s what our XGen approach is all about – combining multiple layers of cross-generational threat protection to provide the best possible chance of deflecting attack. Sitting right at the top is high fidelity machine learning designed to extract and analyse a file’s characteristics before and during its execution. This helps to reduce false positives and improve accuracy.

As we head into 2017, this is the best chance organisations have of effectively managing cybersecurity risk.

 

 

New Year, New Security Challenges: What to Expect from 2017

by Raimund Genes

Trend Micro has been protecting organisations, governments and consumers for over two and a half decades now. Our 1,200-strong team of threat researchers work round the clock and around the globe to anticipate where the next major threats will come from, and, crucially, how to mitigate them. At this time of year we’re always asked for our predictions for the next 12 months. And while cybercriminals are unlikely to work to annual deadlines, it’s still a good time to take stock and share our insight into what our experts think 2017 holds in store.

As the bad guys get ever more determined and resourceful, it will take a solid multi-layered approach to security combined with strong people and processes to keep UK organisations safe and compliant as we head into the new year. Continue reading

Trend Micro a Double Winner at V3 Technology Awards as Deep Security and Deep Discovery Impress

by Bharat Mistry

The UK’s IT decision makers have it pretty tough. On the one hand the sheer range, volume and persistence of threats today make it virtually impossible to keep digital corporate assets 100% safe. But on the other, the outrageous hyperbole spread by security vendors in what is an increasingly crowded market makes finding the right tools more challenging than it’s ever been. In these situations, the opinions of journalists, independent reviewers and customers themselves become incredibly important. Continue reading

Black Hat Europe: How Machine Learning Offers a New Approach to Uncover IOCs

Indicators of compromise (IOCs) are an incredibly important forensic artifacts which, as the name suggests, are used in incident response and threat research to discover if a system has been compromised. They come in various forms, for example, unusual outbound network traffic, an MD5 file in a temporary directory, or even log-in irregularities. One class of IOCs so far resistant to detection by traditional methods relates to the use of external content in web-based attacks.

At Black Hat Europe earlier today, Trend Micro senior security researcher Marco Balduzzi, explained how a new machine learning approach can reap fantastic results for early detection of such threats. Continue reading