Organizations still able to unravel cyber defences, says Trend Micro report

The cyber breaches of 2017 had a wide range of sometimes conflicting patterns — for example, despite ample media warnings about the attack strategy, business email compromise stung many organizations — says a look back at the year by Trend Micro released this week.

However, it adds, there was a common thread: What the security vendors calls the “susceptibility” of people and organizations to leave themselves open to successful attacks. “Cybercriminals consistently pull on the susceptibility thread to unravel defense systems and obtain valuable assets at the expense of the innocent,” says the report. “These were the result of a destructive combination of increasingly aggressive threats and incomplete security practices.”

In 2017 big name enterprises — including Equifax, Yahoo, FedEx, Maersk, Google and Facebook — were victimized by different forms of cybercrime, the report notes, with huge amounts of money and information lost in the process. In addition to cash loses, “enterprises stand to lose their clients’ unquantifiable trust and patronage,” it points out.

Among the patterns Trend Micro researchers saw:

Ransomware “changed the rules of the game.” By year’s end, there had been a 32-percent increase in the number of ransomware families from 2016 to 2017. At the same time the number of major players was considerably smaller compared to 2016. However, this leaner number “delivered a remarkable twist”  by delivering punches like the WannaCry and Petya outbreaks. It is estimated these ransomware families resulted in an estimated US$5 billion in losses.

–Known software vulnerabilities were exploited in new ways. Thanks to another dump by the Shadow Brokers of what are believed to be vulnerabilities found by the U.S. National Security Agency, a number of attacks (including WannaCry) were crafted. That was on top of the 1,008 new vulnerabilities researchers around the world discovered in 2017.  Worrying was the discovery of a steep rise in zero-day vulnerabilities, which increased 98 percent from 2016 — and all but six of these were as a steep rise in zero-day vulnerabilities between 2016 and 2017. Zero-day vulnerabilities increased 98 percent from 2016, and all but six of these were related to industrial supervisory control and data acquisition (SCADA) systems.

–Business email compromises (sometimes called business executive compromises), where a scammer posing as an executive tries to get employees to wire money, are rising. Citing news reports, the document notes that even Google and Facebook had been defrauded of over US$100 million by a man who allegedly used falsified invoices and convinced both companies that he was part of a partner manufacturing company. Most of the losses for both companies were promptly recouped after the incident. The most spoofed position was the chief executive officer, while the most targeted was the chief financial officer.

Companies of all sizes need to beef up their cybersecurity practices to stop BEC attacks, the report warns. “Educating executives and employees of all levels on how to effectively distinguish BEC scams and using security solutions that protect from spam and spear-phishing attempts are a company’s best defence against this growing, costly threat. It is also recommended to implement a multi-factor verification system for financial requests so as to spot scams before any money is paid out.”

–The rise in the value of cryptocurrencies is making them tempting targets. In addition to wallet theft, unauthorized cryptomining is a worry for enterprises.  One campaign used tech support scams to deliver Coinhive’s cryptocurrency miner.

Source: Trend Micro report

–IoT botnets are multiplying.  In November a new Mirai campaign detected in South American and North African countries was found to be responsible for 371,640 attack attempts coming from around 9,000 unique IP addresses. But there’s a new trend: Using botnets for cryptomining. Trend Micro also warns that  intelligent transportation systems, which vehicle makers and partners are pouring a lot of money into, are a potential new vector for attack.

Despite the WannaCry ransomware causing a worldwide stir, the IoT botnet-related events affected more devices — something enterprises should pay careful consideration to.

Finally, the report cites news stories to repeat a truism: Not all data breaches are caused by sophisticated infiltration. Sometimes, they’re the result of sheer carelessness or even neglect.

Examples: An improperly configured backup system at River City Media led to the exposure of 1.37 billion email addresses. And Deep Root Analytics, which had 1.1 terabytes of information on more than 198 million U.S. citizens, saw the data leaked because it was unintentionally uploaded to a publicly available server. And JobLink saw an unpatched vulnerability in its application code gave a hacker access to the information of 4.8 million job seekers across 10 states in the U.S.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Featured Articles

Empowering the hybrid workforce: how technology can build a better employee experience

Across the country, employees from organizations of all sizes expect flexibility...

What’s behind the best customer experience: How to make it real for your business

The best customer experience – the kind that builds businesses and...

Overcoming the obstacles to optimized operations

Network-driven optimization is a top priority for many Canadian business leaders...

Thriving amid Canada’s tech talent shortage

With today’s tight labour market, rising customer demands, fast-evolving cyber threats...

Staying protected and compliant in an evolving IT landscape

Canadian businesses have changed remarkably and quickly over the last few...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now