Trend Micro Incorporated has warned that threat actors have bounced back from recent law enforcement efforts to unleash a new wave of attacks leveraging AI and other techniques.

The global cybersecurity leader revealed that it blocked almost 47 million email threats, more than 7,000 ransomware attempts and over 3 million malicious URLs targeted at South African businesses and consumers between January and June 2024. 

“Trend Micro blocked over 11 million malware threats for South African customers in the first half of the year, but there’s no time for complacency. As malicious actors begin to embrace AI as a tool, industry must respond in kind, by designing security strategies to take account of evolving threats. This is an arms race we can’t afford to lose,” commented Gareth Redelinghuys, Country Managing Director, Sub-Saharan Africa at Trend Micro.

As detailed in the mid-year roundup report, the threat from malicious actors across the globe remains acute despite successful law enforcement actions against ransomware families such as LockBit. 

The mid-year report highlights that, despite successful actions taken by law enforcement against ransomware groups like LockBit, the threat from malicious actors worldwide remains serious.

A particular cause of concern is criminal use and abuse of AI. Across the world, Trend Micro has observed threat actors hiding malware in legitimate AI software, operating criminal large language models (LLMs), and even selling jailbreak-as-a-service offerings. The latter enable cybercriminals to trick generative AI bots into answering questions that go against their own policies—primarily for developing malware and social engineering lures.

Also in H1 2024, cybercriminals have been ramping up deepfake offerings to carry out virtual kidnapping scams and conduct targeted business-email-compromise-type impersonation fraud. They’ve also been using these offerings to bypass know your customer (KYC) checks, which are designed to protect financial organisations from fraud. Trojan malware has been developed to harvest biometric data to help with the latter.

Other highlights from the first half of 2024 include:

• LockBit remains the most prevalent ransomware family despite law enforcement disruption, and has even developed a new variant, LockBit-NG-Dev.
• Cybercriminals have leveraged major events such as the Olympics and national elections to launch targeted attacks.
• State-aligned hackers used advanced techniques to hack into internet routers and hide their attacks.
• Various groups have targeted cloud environments, apps, and services by exploiting exposed credentials, unchecked resources, security weaknesses, and even legitimate but misconfigured tools.

You can read a full copy of the report, Pushing the Outer Limits: Trend Micro 2024 Midyear Cybersecurity Threat Report, here.