“Calibrating Expansion: Annual Cybersecurity Threat Report,” released by cybersecurity leader Trend Micro Incorporated, reveals a 10 percent increase in global cyber threats blocked in 2023. The report underscores the evolving tactics of cybercriminals, who rely on increasingly sophisticated methods to target fewer, high-value entities.
“While we’re blocking more threats than ever, adversaries continue to diversify and refine their tactics, particularly in evading defenses,” stated Ian Felipe, Trend Micro Philippines Country Manager. “Network defenders must proactively manage risk across the attack surface. Understanding our adversaries’ preferred strategies is essential for effective protection.”
Globally, Trend Micro blocked a staggering 161 billion threats in 2023, marking a substantial rise from 82 billion five years prior. Key findings include a 349 percent year-on-year (YoY) surge in email malware detections and a 27 percent decrease in malicious phishing URL detections. This suggests increased reliance on malicious attachments rather than embedded links in emails. Furthermore, a 16 percent YoY increase in business email compromise (BEC) detections highlights the trend of attackers meticulously targeting high-value victims for maximum financial gain.
While ransomware detections decreased by 14 percent globally, a 35 percent increase in File Reputation Services (FRS) threat detections indicates that threat actors are becoming more adept at evading initial detection layers. They are likely utilizing techniques such as Bring Your Own Vulnerable Driver (BYOVD) and zero-day exploits.
In Southeast Asia, ransomware detections increased overall, with more than half (52 percent) of global incidents concentrated in Thailand. However, other regional markets, including the Philippines, experienced a decline in line with the global trend. The Philippines specifically noted a significant 93 percent decrease in ransomware detections.
The report also highlights the Philippines’ unique threat landscape, revealing extensive government targeting by Advanced Persistent Threat (APT) groups. Earth Estries (active from January 2023 to present) and Mustang Panda (active from August 2023 to present), known for cyberespionage campaigns, malicious tools, and the exploitation of legitimate software to gather user data, have focused efforts on Philippine governmental organizations.
Despite a 20 percent decline, over 76 million malicious URLs were accessed in the Philippines in 2023, highlighting the threat’s persistence. Other threats, such as email threats (27 percent) and botnet victims (27 percent), also decreased but remained substantial. Conversely, malware detections increased by 12 percent in the Philippines.
In response to these findings, Trend Micro recommends that network defenders partner with trusted security vendors utilizing a cybersecurity platform approach for comprehensive, continuous resource monitoring and maintain up-to-date patches and upgrades for operating systems and applications to mitigate vulnerabilities. By implementing robust security protocols to protect against vulnerabilities, strengthen device and account security, and tightly control application access and focusing on early ransomware detection, targeting the initial access, lateral movement, and data exfiltration stages of an attack they can prioritize SOC efficiency, paying close attention to cloud application monitoring as these become more integrated into operations.
