Over 85 billion threats were blocked by Trend Micro in the first half of 2023 - around a third more than in the same period last year. The new trend of cybercriminals using generative artificial intelligence (AI) and ransomware to increase their reach and efficiency is increasing. This is also shown by the Trend Micro 2023 Midyear Cybersecurity Threat Report.
Trend Micro, one of the world's leading providers of cybersecurity solutions, publishes its security situation report in the middle of the year. According to this, generative artificial intelligence (AI) is becoming more and more of a threat. Not only companies, but also cyber criminals are increasingly relying on the new technology to increase their reach and efficiency. The Japanese IT security provider blocked a record number of over 85 billion individual threats in the first half of the year. This represents an increase of around a third compared to the previous year. In addition, the proportion of Linux operating systems affected by ransomware continues to explode - by a full 2022 percent compared to the first half of 62. In general, cybercriminal gangs are rapidly upgrading their technology and improving collaboration.
A third more: now 85 billion threats
🔎 The report shows that Asia in particular is being attacked with ransomware (Image: Trend Micro).
The use of AI in companies is constantly increasing. In 2022, more than a third (35 percent) of all respondents were already using embedded AI tools to increase their efficiency. But it’s not just companies that benefit from generative AI. Cybercriminals are harnessing the power of AI to carry out attacks more efficiently. There are already numerous new AI-supported attack variants such as virtual kidnapping, pig butchering and harpoon whaleing, which can be designed and automated more efficiently using the new technology.
With the AI market steadily growing - its total value is expected to be $2027 billion by 407 - we can expect a further explosion of AI use in cybercrime. Cybercriminals will continue to find ways to use AI to generate malicious code and streamline their operations. But malicious actors are not just arming themselves with AI.
Ransomware infections continue to explode on Linux systems
In the first half of 2023, 90.000 ransomware attacks on end devices were detected. Compared to the same period last year, the number of Linux systems affected by ransomware increased by 62 percent. A total of 14 new ransomware families have been in circulation since 2023. This increase can be explained by the increasing use of new technologies such as generative AI and other tools. In the spring, the new group Mimic exploited a hole in the legitimate search tool Everything to determine which files should be encrypted. In addition, the level of collaboration between the different ransomware groups such as Conti, TargetCompany and BlueSky is also increasing, resulting in lower costs and higher operational efficiency.
What else happened in the first half of 1?
🔎 Industrial segments in particular are particularly often attacked (Image: Trend Micro).
Cybercriminals are not just arming themselves with AI. Malicious actors are constantly updating their tools, techniques, and procedures (TTP) to evade detection and cast a wider net for their victims. The APT34 group, for example, used DNS-based communications in combination with legitimate SMTP mail traffic to bypass security policies in the first half of 2023.
Furthermore, the Earth Preta group has shifted its focus to critical infrastructure and uses hybrid techniques to spread malware. Persistent threats such as the APT41 subgroup Earth Longzhi have also reemerged with new techniques and are targeting companies in multiple countries. All of these campaigns require a coordinated approach and continuous vigilance from companies. This is the only way to win the arms race against the increasingly sophisticated tools and methods of cybercriminals.
This is how companies defend themselves
Security experts like Trend Micro are also increasingly turning to AI tools to help their customers defend against cyberattacks. Recently, Trend Micro began using generative AI to improve security operations. For example, the Artificial Intelligence Companion is a cybersecurity assistant designed to automate repetitive tasks so analysts can focus on more important tasks. Using modern technology, Trend Micro blocked over 2023 billion threats in the first half of 85 alone (about a third more than the same period last year), including 37 billion malicious emails and close to 46 billion infected files. In addition, access to 1 billion dubious URLs was prevented.
“At Trend Micro, we have been using AI and machine learning to detect attacks and filter spam since 2005. We are concerned that cybercriminals are now increasingly embedding AI-supported tools into their attack methods with increasing frequency and sophistication. Unfortunately, an arms race of AI tools seems inevitable, but we are used to the arms race with cybercrime. The increased use of AI on their side will make some countermeasures such as employee training more difficult. This makes other measures such as anomaly detection much more important,” says Richard Werner, business consultant at Trend Micro.
More at TrendMicro.com
About Trend Micro As one of the world's leading providers of IT security, Trend Micro helps create a secure world for digital data exchange. With over 30 years of security expertise, global threat research, and constant innovation, Trend Micro offers protection for businesses, government agencies, and consumers. Thanks to our XGen™ security strategy, our solutions benefit from a cross-generational combination of defense techniques optimized for leading-edge environments. Networked threat information enables better and faster protection. Optimized for cloud workloads, endpoints, email, the IIoT and networks, our connected solutions provide centralized visibility across the entire enterprise for faster threat detection and response.