Sophisticated cyber attacks on Cloud to dominate 2019: Trend Micro

Bengaluru: Cyber attackers will use more sophisticated tools in 2019 to take advantage of the changing technology landscape and prey upon evolving corporate technology environments especially Cloud, cybersecurity firm Trend Micro has said.

The attackers will leverage proven methods against growing Cloud adoption, the firm said in its report late Friday, adding that more vulnerabilities will be found in Cloud infrastructure, such as containers, and weak Cloud security measures will allow greater exploitation of accounts for cryptocurrency mining.

This will lead to more damaging breaches due to misconfigured systems.

“As we head into 2019, organizations must understand the security implications of greater cloud adoption, converging IT and OT, and increasing remote working,” said Greg Young, Vice President of Cybersecurity for Trend Micro.

“Cybercriminals will continue to follow a winning formula – exploiting existing flaws, social engineering, and stolen credentials – to drive profits,” he added.

Trend Micro suggested that as both the corporate attack surface and unknown cyber threats increase, it’s more important than ever for organizations to put more resources behind employee education to help protect against these growing attacks.

Since 2015, the number of phishing URLs blocked by Trend Micro has increased by nearly 3,800 percent.

Additionally, attackers will continue to rely on known vulnerabilities that remain unpatched in corporate networks for 99.99 percent of exploits, as this remains a successful tactic, said the report.

“The full range of known and unknown threats can never be addressed by one single technology. In 2019, enterprises should not look for a silver bullet, but a mix of threat defense techniques that complement each other and work together,” suggested Nilesh Jain, Vice President, India, and Southeast Asia, Trend Micro.

Attackers will also implement emerging technologies like Artificial Intelligence (AI) to better anticipate the movements of executives.

“This will lead to more convincing targeted phishing messages, which can be critical to Business Email Compromise (BEC) attacks. Additionally, it is likely that BEC attacks will target more employees who report to C-level executives, resulting in continued global losses,” said the report.