Fileless cyberattacks explode in the first half of 2019


Fileless cyberattacks that evade traditional defenses, taking advantage of a machine’s built-in tools and applications and leaving no identifiable signature behind, surged by 265% year-on-year in the first half of 2019, according to Trend Micro.

These threats use a variety of techniques as part of their infection routines. They can come from malicious macro code in the form of JavaScript or Visual Basic (VBA) scripts embedded within Office documents, PDFs, archives, or seemingly benign files.

The latest report from Trend Micro also revealed that email was still the most used threat vector deployed to infiltrate a corporate network and target unsuspecting employees. 

In Singapore alone, email threats saw a 30% increase for the first half of 2019, compared to the first half of 2018. This trend was possibly driven by cybercriminals moving to and favouring cloud-based or mobile platforms, such as Office 365, as avenues for scamming users and enterprises.

Globally, business email compromise (BEC) remains a major threat, with detections jumping 52% compared to the past six months.

The CEO remained the most spoofed position in BEC scams, as emails from CEOs tended to elicit a sense of urgency and inspire prompt action from the recipients. Employees targeted typically were those who were authorised to conduct wire transfers.

“The future of email security will also contend with threats that arise from the integration of workplace collaboration tools, such as Slack or Dropbox, with email platforms,” said Nilesh Jain, vice president of Southeast Asia and India, Trend Micro.

The latest findings show that attackers are working smarter to target businesses and environments that will produce the greatest return on investment.

In terms of file-based threat components, cryptomining malware remained the most detected threat in the first half of 2019, with attackers increasingly deploying these threats on servers and in cloud environments.

Digital extortion schemes soared by 319% from the second half of 2018, which aligns with previous projections.

Ransomware-related files, emails, and URLs grew 77% over the same period. Exploit kits have also made a comeback, with a 136% increase compared to the same period in 2018.