top of page
Search

Alarming Surge in AI-Driven Cybercrime in H1 2024

Trend Micro’s mid-year roundup report highlights resilience of threat actors



Trend Micro Incorporated (TYO: 4704; TSE: 4704) recently warned that threat actors have bounced back from recent law enforcement efforts to unleash a new wave of attacks leveraging AI and other techniques.


Tony Lee, Head of Consulting at Trend Micro Hong Kong and Macau: "Trend Micro blocked over 75.9 billion threats for customers in the first half of the year, but there's no time for complacency. As malicious actors begin to embrace AI as a tool, industry must respond in kind, by designing security strategies to take account of evolving threats. This is an arms race we can't afford to lose."


As detailed in the mid-year roundup report, the threat from malicious actors remains acute despite successful law enforcement actions against LockBit (Operation Cronos), dropper malware networks (Operation Endgame), and unsanctioned use of Cobalt Strike (Operation Morpheus).


A big cause of concern is criminal use and abuse of AI. Trend Micro has observed threat actors hiding malware in legitimate AI software, operating criminal LLMs, and even selling jailbreak-as-a-service offerings. The latter enable cybercriminals to trick generative AI bots into answering questions that go against their own policies—primarily for developing malware and social engineering lures.


Also in H1 2024, cybercriminals have been ramping up deepfake offerings to carry out virtual kidnapping scams, conduct targeted BEC-type impersonation fraud, and bypass KYC checks. Trojan malware has been developed to harvest biometric data to help with the latter.


Other highlights from the first half of 2024 include:


  • LockBit remains the most prevalent ransomware family despite law enforcement disruption, and has even developed a new variant, LockBit-NG-Dev

  • Cybercriminals have leveraged major events such as the Olympics and national elections to launch targeted attacks

  • Notable APT campaigns have exploited geopolitical tensions, such as Earth Lusca's campaign around the China-Taiwan relations

  • State-aligned actors used sophisticated techniques to compromise internet-facing routers for anonymization of targeted attacks

  • Various groups have targeted cloud environments, apps and services by abusing exposed credentials, dangling resources, vulnerabilities, and even legitimate (but misconfigured) tools


LockBit topped the list of ransomware families


LockBit topped the list of ransomware families with the highest file detections during the first half of this year. Banking institutions were hit hardest by ransomware attacks in the first half of 2024, followed closely by organizations in the technology industry.



Accessing high-risk cloud applications dominated the list of risk events in the first half of the year


The lack of updated endpoint protection in unmanaged devices exposes businesses to further risk.



 

For details, please read the report "Pushing the Outer Limits: Trend Micro 2024 Midyear Cybersecurity Threat Report": https://www.trendmicro.com/vinfo/hk/security/research-and-analysis/threat-reports/roundup/pushing-the-outer-limits-trend-micro-2024-midyear-cybersecurity-threat-report

1 view0 comments
connexion_panel_edited.jpg
CXO_8-in-1.png
subscribe_button.png

 

Disclaimer:

The information contained in this site is for reference only. While we have made every attempt to ensure that the information contained in this site has been obtained from reliable sources, we are not responsible for any errors or omissions, or for the results obtained from the use of this information. All information in this site is provided "as is", with no guarantee of completeness, accuracy, timeliness or of the results obtained from the use of this information, and without warranty of any kind, express or implied, including, but not limited to warranties of performance, merchantability and fitness for a particular purpose. In no event will Ho Hon Asia Limited, its related partnerships or corporations, or the partners, agents or employees thereof be liable to you or anyone else for any decision made or action taken in reliance on the information in this site or for any consequential, special or similar damages, even if advised of the possibility of such damages.
Certain links in this site connect to other websites maintained by third parties over whom we have no control. We make no representations as to the accuracy or any other aspect of information contained in other websites.

2024 @ Inno-Thought and its affiliates. All rights reserved.

bottom of page