In 2022, more cyber threats were detected than ever before
2022 saw a 55% increase in cyberattacks compared to the previous year, according to a new Trend Micro report.
The company also reported that in 2022, its products blocked 242% more malicious files as cybercriminals targeted both consumers and organizations.
Trend Micro said that cybercriminals most often gain initial access via remote services before expanding their reach through credential dumping. They are also very keen on maintaining a presence on compromised endpoints, as the company saw an 86% increase in malware designed to enable persistence.
Log4j still persists
The company adds that, for the third year in a row, the number of Zero Day Initiative (ZDI) advisories broke records, reaching 1706 in 2022. Trend Micro believes this is the result of a “rapidly expanding corporate attack surface” as well as greater investment in automated analysis tools that are able to find more errors. In fact, the number of critical vulnerabilities discovered in 2022 was twice as high as in 2021.
Two of the top three CVEs reported in 2022 were related to Log4j, which still appears to be a major issue many years after its discovery.
Failed fixes and “misleading” advice are also becoming more common, forcing organizations to spend more time and money resolving potential issues. As a result, companies are exposed to additional and unnecessary risks.
To tackle the increasingly volatile problem of cybercrime, Trend Micro recommends that companies regularly check their assets to determine their criticality, ensure that their cloud infrastructure is properly configured for security, and prioritize applying software updates as soon as possible to minimize potential abuse.
For Jon Clay, VP of Threat Intelligence at Trend Micro, 2022 was “the year cybercriminals went all out to increase profits.”
“The surge in backdoor detections is particularly concerning as it shows us their success in getting ashore on networks. To effectively manage risk in a rapidly expanding attack surface, overburdened security teams need a more streamlined, platform-based approach,” he concluded.