Trend Micro Incorporated, a global provider of cybersecurity solutions, predicts that in the coming years, ransomware groups will increasingly target Linux servers and embedded systems. According to the most recent Trend Micro 2022 Midyear Roundup Report, attacks on these systems increased by a double-digit year on year (YoY) in H1 2022.
The detection of ransomware-as-a-service (RaaS) attacks increased dramatically in the first half of 2022. Major players such as LockBit and Conti were detected with a 500% YoY increase and nearly doubled the number of detections in six months, respectively. The RaaS model has resulted in significant profits for ransomware developers and their affiliates. According to the data, Trend Micro blocked 63 billion threats in H1 2022, there were 52% more threats in the first half of the year than in the same period in 2021, and government, manufacturing, and healthcare were among the top three sectors targeted with malware.
Trend Micro solutions detected and blocked over 15 million email threats in the UAE, as well as over 11 million malicious URL victim attacks and over 122K URL hosts. Furthermore, over 10 million malware attacks were detected and stopped.
In addition, the report emphasizes the ongoing risks of remote and hybrid work and learning environments. With the help of Trend Micro’s Smart Home Network (SHN) solutions, the UAE blocked a total of 15 million SHN inbound and outbound attacks and prevented over 1 million SHN events from executing malware, obtaining sensitive information, intercepting communications, or launching external attacks on home devices.
“While the findings of our midyear report are alarming, they highlight the modern sophisticated cyber criminals emerging in the UAE, urging organizations in the country to re-evaluate and protect their digital assets,” said Majd Sinan, Country Manager, Trend Micro UAE. “This is why it is critical for enterprises to utilize these latest insights that can significantly strengthen their efforts of safeguarding digital infrastructures against threat actors and their illicit activities.”
Every day, new ransomware organizations emerge. Black Basta was the most notable in the first half of 2022. Despite the fact that SMBs are a more popular target, many threat actors prefer to target large corporations. Exploiting vulnerabilities is a common ransomware attack vector. Unpatched vulnerabilities contribute to a growing digital attack surface, which many organizations are struggling to secure as their IT environment expands to include hybrid workplaces. More than two-fifths (43%) of global organizations believe it is “spiraling out of control.”
Furthermore, cloud visibility is critical given the persistent risk posed by third parties exploiting misconfigured environments through methods such as cloud-based crypto mining and cloud tunneling. The latter is frequently used by threat actors to host phishing websites or to route malware traffic.
