Taken from the company’s monthly threat landscape updates, the data illustrates the continued popularity of email as an infection vector: it comprised over 93 percent of all blocked threats over the period.
Trend Micro saw ransomware detections top two million in February, a 20.2 percent increase from the month previous. China accounted for the biggest number of detections in January (31 percent) and February (43 percent) with the US in second place in both months (16 percent and 13 percent respectively).
From January to February 2020, Trend Micro detected a major rise of 24.3 percent in BEC attempts, with cyber-criminals using various techniques including CEO fraud, bogus invoices, and compromise of exec/employee accounts.
CEO fraud was most common in the US, UK and Australia over the period. In February the US accounted for 34 percent, followed by the UK (13 percent) and Australia (11 percent). The findings reflect the fact that many multi-national organisations are headquartered in these countries.
Trend Micro cloud security architect Ian Heritage said: “IT security teams around the world may be under significant pressure today, as the corporate attack surface expands thanks to mass home working demands in the face of the Covid-19 epidemic. But now more than ever, they must be on high alert as opportunistic cyber-attackers look to strike.”
“Our detections of BEC and ransomware increased by over 20 percent over the first two months of the year. Whilst it’s good to see us blocking more threats for customers, it could also point to cyber-criminals ramping up their targeting of enterprises. Layered, connected protection across the organisation is vital to help keep attacks at bay and support business-as-usual in these challenging times.”
Elsewhere, there was a dramatic uptick in exploit kit detections from January to February, of over 572 percent. This was thanks to Bottle, which went from being outside the top five EKs in January to accounting for 84 percent of the total number of detections in February, overtaking Rig. Bottle was concentrated in Japan, which accounted for 92 percent of EK detections in February. It focused its efforts on exploiting vulnerabilities in Adobe Flash Player and Microsoft’s VBScript, and together the two vendors accounted for the largest number of reported bugs in February.