by Jan Michael Carpo, Correspondent

Trend Micro Incorporated (TYO: 4704; TSE: 4704), a leading global cybersecurity entity, has disclosed a significant 10% increase in the total number of threats averted in 2023, as detailed in its latest report, “Calibrating Expansion: Annual Cybersecurity Threat Report.”

The report highlights a worrisome trend in which attackers employ increasingly sophisticated methods to target fewer victims, potentially resulting in higher financial gains.

Evaluating risks across all potential attack vectors

Ian Felipe, Trend Micro’s Country Manager for the Philippines, stressed, “We’re observing a surge in our ability to thwart threats for our clientele. However, adversaries are employing a range of sophisticated tactics to evade defensive measures. It’s crucial for network defenders to continuously evaluate risks across all potential attack vectors, as outlined in our report. Understanding the strategies favored by our adversaries is fundamental for robust defense strategies.”

In 2023, Trend Micro intercepted a staggering 161 billion threats globally, a substantial increase from the 82 billion threats countered five years earlier.

Other key findings include:

  • A remarkable 349% year-on-year increase in email malware detection, alongside a 27% decrease in malicious phishing URL detections, indicates a shift towards using malicious attachments rather than directly embedded links in emails.
  • A 16% year-on-year rise in business email compromise (BEC) detections.
  • A 14% decrease in ransomware detections, coupled with a 35% upsurge in threats intercepted through Trend Micro’s File Reputation Services (FRS).

These findings indicate a twofold trend: threat actors are becoming more selective in choosing targets and more adept at evading early detection mechanisms. For instance, cybercriminals are abandoning large-scale attacks reliant on victims clicking malicious links, instead focusing on a smaller set of high-value targets with more sophisticated tactics to evade network and email filters.

Moreover, the increase in FRS detections amidst declining ransomware detections suggests that threat actors are refining their abilities to evade primary detection methods, employing techniques like “Bring Your Own Vulnerable Driver” (BYOVD) and zero-day exploits.

Cybersecurity developments in Southeast Asia in 2023

The report also addresses cybersecurity developments in Southeast Asia in 2023. While ransomware detections surged in the region, primarily in Thailand, other markets such as Indonesia, Malaysia, Singapore, and the Philippines saw a decrease in ransomware incidents. In particular, the Philippines witnessed a significant 93% drop in ransomware detections.

Additionally, the report delves into the Philippine threat landscape, revealing that government entities were notably targeted in Advanced Persistent Threat (APT) campaigns. Adversary groups like Earth Estries and Mustang Panda have been identified as targeting local government organizations, employing cyberespionage campaigns and leveraging legitimate software components for data gathering.

Despite a 20% decrease, the prevalence of accessing malicious URLs in the Philippines remains substantial, with over 76 million detections recorded. Similar trends are observed across other threats, with high detection rates despite year-on-year declines, including email threats (27%) and botnet victims (27%), while malware detections increased by 12%.

In response, Trend Micro recommends that network defenders:

  • Collaborate with trusted cybersecurity vendors offering comprehensive platforms to secure resources and monitor for vulnerabilities.
  • Prioritize Security Operations Center (SOC) efficiency by closely monitoring cloud applications integrated into daily operations.
  • Ensure timely application of all available patches and upgrades.
  • Implement robust security protocols to mitigate vulnerabilities, tighten configuration settings, control application access, and enhance account and device security. Additionally, focus on detecting ransomware attacks earlier in the attack lifecycle.

To access the complete “Calibrating Expansion: Annual Cybersecurity Threat Report,” check out this link: https://www.trendmicro.com/vinfo/ph/security/research-and-analysis/threat-reports/roundup/calibrating-expansion-2023-annual-cybersecurity-threat-report.