Trend Micro detected a 55% increase in overall threats in 2022 and a 242% surge in blocked malicious files, as threat actors indiscriminately targeted consumers and organizations across all sectors.
Jon Clay, VP of threat intelligence at Trend Micro, said, “The unrivaled breadth of Trend Micro threat intelligence reveals 2022 as a year when threat actors went ‘all-in’ to boost profits. A surge in backdoor detections is particularly concerning in showing us their success in making landfall inside networks. To manage risk effectively across a rapidly expanding attack surface, stretched security teams need a more streamlined, platform-based approach.”
The roundup report reveals several interesting trends for 2022 and beyond:
The top three MITRE ATT&CK techniques show us that threat actors are gaining initial access through remote services, then expanding their footprint within the environment through credential dumping to utilize valid accounts.
An 86% increase in backdoor malware detections reveals threat actors trying to maintain their presence inside networks for a future attack. These backdoors primarily targeted web server platform vulnerabilities.
India experienced approximately 7 lakh malware attacks in 2022, up from 6.5 lakh in 2021, with the banking sector being the most vulnerable to these attacks, totalling 44,949 incidents. However, there was a slight decline in the number of malware detections across the six critical sectors, indicating that appropriate measures are being taken.
A record number of Zero Day Initiative (ZDI) advisories (1,706) for the third year in a row is the result of a rapidly expanding corporate attack surface and researcher investment in automated analysis tools, which are finding more bugs. The number of critical vulnerabilities doubled in 2022. Two out of the top three CVEs reported in 2022 were related to Log4j.
The ZDI observed an increase in failed patches and confusing advisories, adding extra time and money to corporate remediation efforts and exposing organizations to unnecessary cyber risk.
Webshells were the top-detected malware of the year, surging 103% on 2021 figures. Emotet detections were second after undergoing something of a resurgence. LockBit and BlackCat were the top ransomware families of 2022.
Ransomware groups rebranded and diversified in a bid to address declining profits. In the future, we expect these groups to move into adjacent areas that monetize initial access, such as stock fraud, business email compromise (BEC), money laundering, and cryptocurrency theft.
In India, in 2021 the top three sectors affected by ransomware were banking, government, and manufacturing, but the trend shifted in 2022 when the government sector became the most affected, followed by manufacturing and banking. Interestingly, while the number of attacks on the banking sector decreased significantly from 15,928 to just 626 ransomware alerts, the number of attacks on the government sector remained relatively stable, and the manufacturing sector saw an increase from 994 to 1,178 incidents in 2022.
Vijendra Katiyar, Country manager for India & SAARC, Trend Micro, added, “The Trend Micro Annual Cybersecurity Report 2022 has highlighted some concerning trends specific to India, as cyber threats continue to evolve and pose significant risks to organizations. The report reveals a 16% increase in malware attacks, underscoring the need for ongoing vigilance and collaboration to safeguard critical industries such as banking, government, and manufacturing. While the adoption of security measures has led to a drop in malware detections across the six critical sectors, it is important to recognize that the threat landscape is constantly changing. The report emphasizes the importance of a multi-layered cybersecurity approach, including proactive threat hunting, security awareness training, and investment in advanced security technologies. Trend Micro is committed to working with its customers to ensure they remain protected and resilient against the latest cyber threats.”