In cybersecurity, the mountain we must climb is a steep one. The digital landscape in the region is rapidly evolving, and the threat landscape is evolving in parallel. As threat actors become more sophisticated, they continuously innovate their tactics to gain control and wreak havoc on digital infrastructures. It is evident that they have no intention of slowing down anytime soon.
The Trend Micro Annual Cybersecurity report for 2022, titled "Rethinking Tactics", stated that in the Middle East and Africa region, its solutions detected and blocked more than 695.7 million cyberthreats in 2022, including some 558 million email attacks and more than 81 million malware attacks.
The report also exposed alarming insights into how modern threat actors are enhancing their tactics to infiltrate digital systems. By committing to knowledge sharing through research reports like this, I am convinced that organisations throughout the region can strengthen their ability to protect their employees, customers, and long-term prospects in the new digital era. Here are a few critical findings that will guide them in their cybersecurity journey:
Evolution of technical methods
During the latter part of 2022, cybercrime organisations including Agenda, BlackCat, Hive, and RansomExx developed versions of their ransomware using the Rust programming language, making it harder for antivirus software to detect their ransomware across multiple platforms. This situation raises concerns for regional organisations, as even the most sophisticated cybersecurity measures may not be adequately prepared to combat these more elusive tactics and concealed attack vectors.
New business models
Like legitimate businesses, threat actors have now adopted new business models, diversified their operations, and rebranded themselves in response to tighter cashflows. For instance, the BlackCat group collaborated with experienced ransomware-as-a-service (RaaS) groups to enhance their operations, much like vendors and their channel partners in lawful industries.
The Cuba ransomware operators even provided technical support to their victims to streamline payment negotiations. Furthermore, the LockBit 3.0 gang launched the world’s first ransomware bug-bounty programme in June, offering monetary incentives to security researchers who discovered vulnerabilities, which is a practice commonly used by legitimate technology companies.
Increase in critical, high, and medium-severity CVEs
In 2022, Trend Micro™ Zero Day Initiative™ (ZDI) broke records for the third consecutive year in published advisories. This was due to the combination of the rapid growth of the attack surface and ZDI’s investment in automating analysis, enabling researchers to identify more bugs. There was an increase in critical, high, and medium-severity CVEs from the previous year, with critical bugs more than doubling.
These facts are alarming and serve as a reminder that the adoption of advanced cybersecurity is the need of the hour in today’s world that is heavily reliant on technology. Hence, it is crucial for organisations to reassess their security posture and implement a comprehensive security strategy that safeguards all their endpoints and equips them to tackle future threats. Failure to do so will always keep the mountain’s peak out of their reach.