Category Archives: Research

Hackers expand their repertoire as Trend Micro blocks 52 billion threats in 2019

By Ian Heritage

Variety is welcome in most walks of life, but not when it comes to the threat landscape. Yet that is unfortunately the reality facing modern cybersecurity professionals. As Trend Micro’s latest annual roundup report reveals, hackers have an unprecedented array of tools, techniques and procedures at their disposal today. With 52 billion unique threats detected by our filters alone, this is in danger of becoming an overwhelming challenge for many IT security departments.

In response, many CISOs are rightly re-examining how they approach threat defence. Rather than create potential security gaps and risk budget shortfalls through best-of-breedinvestments, they’re understanding that it may be better to consolidate on one provider that can do it all.

Continue reading

Supply chain risk to dominate 2020: from the cloud all the way to the remote worker

by Bharat Mistry

We all know that the success or otherwise of most modern organisations depends to a large degree on their supply chains. From professional services partners to software providers and transportation contractors, an average enterprise could maintain hundreds of these partnerships. But these all threaten to introduce extra risk to the business, especially in the cyber domain.

Trend Micro’s newly released 2020 predictions report highlights some of the key areas where organisations may be exposed next year: from cloud and managed service providers (MSPs), new DevOps dependencies and even supply chain risks associated with their remote workers.

A new spin on an old risk
Supply chain risk is not a new phenomenon per se. The infamous NotPetya ransomware attacks of 2017 were introduced via the software supply chain, for example, while Operation Cloud Hopper was a major attack campaign targeting global organisations via their MSPs.

However, the scale of the threat coming down the line requires urgent attention. It stems to a large degree from the way organisations are changing the way they work. Digital transformation is viewed by many as an essential driver of business growth, enabling firms to respond with agility to changing market demands. In practice, this means cloud and DevOps increasingly taking centre stage in the IT departments of the coming decade.

More agility, more risk?
Unfortunately, this will introduce new cyber risk. First, organisations’ increasing reliance on third-party cloud providers will encourage attackers to go after data stored in these accounts, via code injection attacks exploiting deserialisation bugs, cross-site scripting and SQL injection. They’ll also capitalise on mistakes made when misconfiguration of these accounts leaks data to the public-facing internet.

Next, they’ll look to exploit the reliance of DevOps teams on third-party code in container components and libraries to compromise microservices and serverless environments. As these architectures become increasingly commonplace, so will attacks.

The risk posed by MSPs will also escalate, enabling a much higher ROI for attackers because they can access multiple customers via a single provider. Such threats will imperil corporate and customer data, and even pose a risk to smart factory and other environments.

Finally, supply chain risk may come from an unlikely source in 2020 and beyond. As remote and home working becomes the norm for many employees, hackers may come to view these as a handy stepping-stone into corporate networks. Whether they’re logging-on via unsecured public Wi-Fi hotspots or at home, where smart home flaws could provide an unlocked door to sneak through, these employees need to be considered as part of holistic enterprise risk management strategies.

What to do
I
t will be tough for CISOs to keep up with the rapid pace of technological change as we head through the next decade. But it’s vital that teams are equipped with the right tools and strategies to manage these third-party risks and other threats to the bottom line and corporate reputation. Here’s a snapshot of advice offered in the report:

  • Improve due diligence of cloud providers and MSPs
  • Conduct regular vulnerability and risk assessments on third parties
  • Invest in security tools to scan for vulnerabilities and malware in third-party components
  • Consider Cloud Security Posture Management (CSPM) tools to help minimise the risk of misconfigurations
  • Revisit security policies regarding home and remote workers

To find out more on our predictions for 2020 and advice on how best to manage risk in your business, check out the report here.

IoT Security Still an Afterthought for Many IT Leaders — This Must Change

by Simon Edwards

IoT security is new frontline in the battle against enterprise cyber-threats. As more smart endpoints are connected to corporate networks, the potential for mass data theft, service outages, sabotage and more will only increase. Yet new Trend Micro research reveals that only half (53%) of IT and security decision makers regard IoT as a security risk. This is a major miscalculation that could cost their organisations dear in the long run.

You need to start planning now for ways to mitigate the new risks presented by IoT technologies. Our annual CLOUDSEC show in September will also provide some much-needed best practice advice in this area. Continue reading

Layered Defence To Combat a ‘Brotherhood’ of Cyber-Criminals

by Bharat Mistry

Over the past 28 years, Trend Micro has led the industry in trying to better understand those who seek to do us and our customers harm. After all, how can we begin to build effective threat prevention if we don’t know what we’re trying to protect against? The latest of our in-depth reports into regional cybercrime underground markets focuses on the Middle East North Africa (MENA) region, and reveals some surprising findings. This is a cybercrime underground united in its goals with members keen to share and help each other; making it particularly dangerous for targets in the West.

That’s bad news for all of us as local MENA players move beyond DDoS and web defacement activity to more nefarious attacks. Against this backdrop, layered security becomes an essential mitigation strategy. Continue reading