Advanced SOC Operations / CSOC , Governance & Risk Management , Professional Certifications & Continuous Training
Extortion Transitions from B2C to B2BTrend Micro's Pilao On The Asian Threat Landscape
There has been a significant uptick in the nature and volume of attacks around the globe, especially in the Asian region, supported by the increasing digitization and use of technologies in these developing economies. The past half-year has seen practitioners - notably in the SME segment - cry foul over targeted attacks and various forms of extortion (see: APT Attacks Will Seek Smaller Targets).
In an interview with ISMG exactly a year ago, Myla Pilao, director of marketing and research communications for TrendLabs, the R&D division of Trend Micro, predicted some of these trends being noticed today by researchers in this region (see: Cybercrime Gets Personal). Many of these predictions have now materialized, and the focus of extortion has steadily shifted from B2C to B2B, as seen with the rise of ransomware attacks against enterprises.
"We have called 2016 the year of online extortion, and in the first half of this year alone we have seen a dramatic increase in these attacks," Pilao says. "Maybe not necessarily in terms of the numbers, but in terms of how the techniques and vectors have evolved."
With the danger of ransomware, a lot of organizations may be finally moving away from the perimeter mindset, Pilao believes. They are taking more control of their infrastructure, and organizations are starting to pay attention to where in the entire value chain they are going to invest in security. Earlier most organizations used to focus on protecting and defending the points closest to the individual - the endpoints. Ransomware has shown that there is a need to re-evaluate if basic security hygiene has transitioned to keep pace with technological and infrastructural changes, she says.
Pilao says that for vendors such as Trend Micro, there is a clear case to be made for public-private partnerships to fight organized cybercrime. Trend Micro has several such initiatives ongoing with Interpol, Europol and other government and law enforcement agencies around the world, she says. The focus right now is to help these intelligence units with understanding the campaigns, methods and vectors used by the latest breed of attacks, based on Trend Micro's extensive dark web research (Also see: Ransomware Tips: Fighting the Epidemic).
In this exclusive audio interview with ISMG (player link below image), recorded live at the CloudSec2016 event held in Mumbai, Pilao speaks about the developments in the threat landscape that the Trend Micro research team has witnessed over the past year and the ongoing synergies with law enforcement around the world. She shares insight on:
- The threat landscape in APAC;
- The rise of extortion and increase in B2B attacks;
- The role of LEA and the modalities of collaboration with Interpol & Europol.
Pilao runs the security research communications arm of TrendLabs, the Research and Development Center of Trend Micro. She leads a team that monitors and manages critical incidents and developments in the security threat landscape, including prevalent high-profile attacks such as advanced persistent threats, (APTs), big data security, cybercrime and forensics. She is the key driver in designing creative, compelling and action-driven security global campaign programs. She is a strategic communications expert with over 10 years of experience as a regional spokesperson and evangelist.