Trend Micro has disclosed that it blocked over 86 million email threats, nearly four million malicious URLs, and more than 4,000 malicious mobile apps targeted at South African businesses and consumers during the first half of 2023. The disclosure comes as the nation’s cybersecurity threat landscape grows more complex.
The figures appear in Trend Micro’s 2023 Midyear Cybersecurity Threat Report, which draws on extensive telemetry from millions of commercial and consumer clients. The report highlights emerging trends in criminal techniques and sheds light on threat actor activities, offering guidance for security defenders striving to outmaneuver cybercriminals.
Gareth Redelinghuys, the Country Managing Director of Trend Micro’s African Cluster, emphasizes the ever-increasing complexity of the local threat landscape. He points to the relentless efforts of malicious actors in shifting targets and employing ingenious strategies for enhanced efficiency and productivity. This scenario underscores the vital need for proactive and comprehensive security solutions.
The Evolution of Ransomware
The first half of 2023 witnessed Trend Micro blocking nearly 15 million malware families in South Africa, with ransomware posing a substantial challenge for local entities. Notably, almost 2,500 ransomware detections were made in June alone. The Midyear Report delves into the evolving tactics of ransomware groups, including their adaptation of tools and techniques for more efficient data extraction and the evolution of their business models.
Of significant concern is the emergence of a new ransomware, ‘Mimic,’ which employs legitimate search engine tools to locate files for encryption. Investigation indicates a potential connection with the infamous Conti ransomware group, suggesting collaboration among these criminal entities aimed at cost reduction, broader market influence, and sustained criminal activities. Additionally, the report reveals a shift among ransomware groups toward data exfiltration, particularly involving cryptocurrency theft and business email compromise (BEC).
AI’s Impact on Cybercrime
Another notable trend in the first half of 2023 is the growing use of AI by cybercriminals to conduct virtual crimes with greater efficiency. While many South African businesses have integrated AI to enhance their operations, malicious actors have also embraced this technology to create sophisticated imposter scams. These scams, such as virtual kidnapping, involve deepfake voice generation to pressure victims into paying a large ransom.
Furthermore, AI tools, including ChatGPT, have empowered cybercriminals to automate information gathering, form target groups, and identify vulnerable behaviors, making it easier to launch harpoon whaling attacks. These attacks involve the deceptive targeting of executives through highly personalized emails, crafted with urgency and containing specific information about the target. The use of AI to create human-like text has significantly reduced the effort required to target executives, making it easier to aim at a large number of individuals.
Innovations Expanding Threats
As innovations continue to evolve, threat actors are constantly seeking new avenues to target individuals. With the proliferation of connected cars, attackers aim to access user account data to facilitate crimes. Hijacking accounts or stealing credentials through phishing or malware may allow cybercriminals to locate and break into vehicles for theft or other illicit activities, potentially even targeting the owner’s home address for burglary during their absence.
The growing adoption of smart home networks (SHN) in South Africa has also drawn the attention of threat actors. During the first half of 2023, Trend Micro detected over one and a half million inbound SHN attacks in the country. These attacks have highlighted the vulnerability of smaller platforms, including file transfer services like MOVEit, business communications software like 3CX, and print management software solutions like PaperCut.
Zaheer Ebrahim, Solutions Architect for the Middle East and Africa at Trend Micro, emphasizes that the increasing sophistication of hacker tactics presents significant challenges for local businesses. He underscores the importance of understanding potential risks and threats to make informed decisions and proactively strengthen cybersecurity defenses, given the constantly evolving landscape of digital security.