A new report from Cybersecurity firm Trend Micro found a huge 55% increase in overall threat detections in 2022 and a 242% surge in blocked malicious files, as threat actors indiscriminately targeted consumers and organizations across all sectors.
But the bad guys don’t just accept a drop in “business.” The report illustrates how hackers have adjusted, putting even more people and organizations at risk.
“To combat waning ransomware revenues — a staggering 38% decrease from 2021 to 2022 — active ransomware actors have increased their level of professionalism to ensure higher ransomware payouts,” the report’s authors write. “In the past year, we’ve seen them take a page out of the corporate handbook to diversify, rebrand, and even offer professional services such as technical support, with the goal of keeping their attacks potent.”
Emerging trends
The report identified a number of emerging trends in cyberattacks, including these:
The top three MITRE ATT&CK techniques show that threat actors are gaining initial access through remote services, then expanding their footprint within the environment through credential dumping to utilize valid accounts.
An 86% increase in backdoor malware detections reveals threat actors are trying to maintain their presence inside networks for a future attack.
The number of critical vulnerabilities doubled in 2022.
The Zero Day Initiatives (ZDI) observed an increase in failed patches and confusing advisories.
Webshells were the top-detected malware of the year, surging 103% on 2021 figures. LockBit and BlackCat were the top ransomware families of 2022.
Hackers are operating like a business
The researchers say ransomware groups rebranded and diversified in a bid to address declining profits. In the future, Trend Micro expects these groups to move into adjacent areas that monetize initial access, such as stock fraud, business email compromise (BEC), money laundering, and cryptocurrency theft.
Jon Clay, vice president of threat intelligence at Trend Micro, says hackers’ attempts to boost their profits pose a threat to everyone.
“A surge in backdoor detections is particularly concerning in showing us their success in making landfall inside networks,” Clay said. “To manage risk effectively across a rapidly expanding attack surface, stretched security teams need a more streamlined, platform-based approach."