Over 73 per cent of Information Technology security decision-makers are concerned about the growing digital attack space because of the Covid-19 pandemic’s increased digitalisation.
Trend Micro, a cybersecurity provider, has recently released its latest industry report. The report contains several interesting trends and developments within the cybersecurity space. The continued growth of threat detections, which has increased exponentially since the pandemic forced greater adoption of digital functions, is one key finding.
According to the report, many IT decision-makers are concerned about the rapid digitalisation, with 43 per cent claiming that the digital attack surface is spiralling out of control and 37 per cent describing it as constantly evolving and messy. “In light of the challenges faced by IT professionals, it is clear that there is a need for improved investment and understanding of the cyber-attack landscape,” the report says in part.
“Although most detections and attacks are still aimed overseas, it is crucial that Africa invest in improved security measures. A critical part of this investment must be focused on resolving the skills shortage. While a comprehensive security solution like Trend Micro One can provide your systems with protection, skills development programs will play a key role in ensuring a safe future,” says Emmanuel Tzingakis, technical lead of sub-Saharan Africa.
In summary, the Trend Micro report has highlighted five of the key insights observed in the first half of 2022. These are:
Old Favourites Make a Comeback
While new malware tends to receive the lion’s share of the spotlight, the first half of 2022 saw a significant resurgence of old favourite commodity malware, Emotet. Despite its infrastructure being taken down in 2021, the report showed detections of the botnet increased from 13,811 in H1 2021 to 148,701 in H1 2022.
Malicious Actors Turn their Attention to Ukraine
Cyber warfare is a burgeoning trend with prominent groups launching attacks on Ukrainian targets before and during the conflict with Russia. In addition to this, other threat actors are targeting individuals outside of the conflict, capitalising on curiosity and sympathy.
Turning their attention away from dwindling interest in Covid-19, many are now using requests for donations as a guise for their spam emails. According to a recent report from Interpol, online scams through text messages and email top the list of most prominent threats in Africa. This is supported by Trend Micro’s regional statistics for H1 2022, which show well over 2.4 million blocked mails in the region.
Ransomware as a Service Grows in Popularity
Ransomware as a service (RaaS) continues to grow as a threat with LockBit, Conti, and BlackCat at the helm. This profitable approach to cybercrime allows would-be cybercriminals to access tools and infrastructure that otherwise would not have been available to them. The RaaS system places the responsibility of infection on affiliates, providing developers with a layer of protection and additional time in which to evolve their malware. The growing popularity of this approach is largely responsible for the 2.5 million detections worldwide, of which nearly 200,000 occurred in Africa.
Linux becomes a Prime Target
Linux systems have become an attractive option for malicious actors looking to concentrate on servers and embedded systems, both areas where Linux is expected to see growth in the next few years. The new focus on the operating system became clear in H1 2022 which saw a 75 per cent increase in ransomware attacks targeting Linux machines. This emerging trend is concerning to organisations as targeted infrastructure forms part of their critical infrastructure and successful attacks have the potential to deal significant damage.
Cloud-based attacks remain a top concern
As investment in Cloud Computing in Africa continues to grow, new security challenges are emerging. Top of this list are cloud tunnelling and containers. While cloud tunnelling allows users to swiftly deploy assets and services – it can also prevent full visibility of the deployed assets. Trend Micro found attackers are taking advantage of this by launching attacks in unconventional places where IT teams tend not to look.
Similarly, containers offer organisations increased speed and efficiency in their development cycles. However, many have failed to implement proper security controls, which can lead to compromise at various stages of the pipeline. Misconfigured container software remained a top concern in H1 2022 with 53 per cent of respondents in a recent Red Hat survey reporting misconfiguration detection on their containers.