Cybercriminals changing tactics to disrupt critical business operations

KUALA LUMPUR (Aug 7): Cybercriminals are changing their tactics to disrupt critical business operations, and taking advantage of interest in the Covid-19 pandemic, says antivirus cloud computing security and internet content security software and services provider Trend Micro Malaysia.

In a statement in conjunction with its media briefing on cybersecurity for Malaysia’s healthcare industry, Trend Micro Malaysia managing director Goh Chee Hoh; Trend Micro Malaysia and Singapore technical director Law Chee Wan and Trend Micro Forward-Looking Threat Research Team senior threat researcher Mayra Rosario Fuentes said the firm has found that Covid-19 is being used in a variety of malicious campaigns including email spam, BEC (Business Email Compromise), malware, ransomware, and malicious domains.

They said the healthcare industry is among the most targeted industries, after FSI (Financial Services Industry) and government.

“Healthcare organisations are at risk, as they are a crucial component of public infrastructure and the fight against to pandemic and hold vast amounts of sensitive patient data and personally identifiable information (PII).

“The repercussions of a system compromise are huge and far-reaching,” they said.

Trend Micro said the mention of current events for malicious attacks is nothing new for threat actors, who time and again use the timeliness of hot topics, occasions, and popular personalities in their social engineering strategies.

The firm said all organizations, including healthcare players, must have a complete, multi-layered defense strategy that protects against new and proven attacks.

It said a multi-layered, in-depth approach can help organizations thwart and mitigate treats — from gateways, networks, and servers to endpoints such as Trend Micro XDR and Trend Micro Cloud One solution.

Trend Micro said it also offers free tools for companies to access:

o SaaS-based Security Awareness Service – enhances the security awareness of employees against email attacks

o Cybersecurity Assessment Service – A tool to scan your email and endpoints of your device to identify any existing threats such as phishing messages, ransomware, BEC messages and malicious files or URLs.

Source: TheEdgeMarkets