Alarming Surge in AI-Driven Cybercrime in ANZ

Trend Micro’s mid-year roundup report for H1 2024 reveals Australia is among the top countries for SHN-Router attacks, URL victims, and mobile app detections

SYDNEY, September 11 , 2024 – Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today warned that threat actors have bounced back from recent law enforcement efforts to unleash a new wave of attacks leveraging AI and other techniques.

In 2024, Australia encountered nearly 72 million email threats and was among the top ten countries surveyed for URL victims, with 21.6 million detections, representing 2.5% of the total global detections. Furthermore, the country has ranked 8th globally in mobile app detections, with a unique query count of approximately 24.3 million (including about 16,703 malicious apps) and a non-unique query count of around 24.1 million (including about 13,281 malicious apps), highlighting the nation's robust mobile security efforts.

Australia also ranked 7th globally for router attacks detected by SHN, with approximately 193,000 incidents, 8th for inbound attacks with about 7.2 million detections of threats targeting Australian systems from outside the country, and 10th for outbound attacks with around 259,000 detections of malicious activities originating from within Australia and targeting external systems. These rankings underscore the significant volume of cyber threat activity monitored in the country.

A total of 1,450 ransomware incidents and 2.4 million email threats were blocked in New Zealand in 2024. Among the countries surveyed, New Zealand ranked highly with 5.4 million instances of malicious URLs being accessed and blocked by Trend products.

To read a full copy of the report, Pushing the Outer Limits: Trend Micro 2024 Midyear Cybersecurity Threat Report, please visit: https://www.trendmicro.com/vinfo/au/security/research-and-analysis/threat-reports/roundup/pushing-the-outer-limits-trend-micro-2024-midyear-cybersecurity-threat-report

Mick McCluney, ANZ Field CTO at Trend Micro: “Trend Micro blocked over 75.46 billion threats for customers in the first half of the year, but there’s no time for complacency. As malicious actors begin to embrace AI as a tool, the industry must respond in kind, by designing security strategies to take account of evolving threats. This is an arms race we can’t afford to lose.” 

As detailed in the mid-year roundup report, the threat from malicious actors remains acute despite successful law enforcement actions against LockBit (Operation Cronos), dropper malware networks (Operation Endgame), and unsanctioned use of Cobalt Strike (Operation Morpheus).

A big cause of concern is criminal use and abuse of AI. Trend Micro has observed threat actors hiding malware in legitimate AI software, operating criminal LLMs, and even selling jailbreak-as-a-service offerings. The latter enable cybercriminals to trick generative AI bots into answering questions that go against their own policies—primarily for developing malware and social engineering lures.

Also in H1 2024, cybercriminals have been ramping up deepfake offerings to carry out virtual kidnapping scams, conduct targeted BEC-type impersonation fraud, and bypass KYC checks. Trojan malware has been developed to harvest biometric data to help with the latter.

Other highlights from the first half of 2024 include:

• LockBit remains the most prevalent ransomware family despite law enforcement disruption, and has even developed a new variant, LockBit-NG-Dev
• Cybercriminals have leveraged major events such as the Olympics and national elections to launch targeted attacks
• Notable APT campaigns have exploited geopolitical tensions, such as Earth Lusca’s campaign around the China-Taiwan relations
• State-aligned actors used sophisticated techniques to compromise internet-facing routers for anonymisation of targeted attacks
• Various groups have targeted cloud environments, apps and services by abusing exposed credentials, dangling resources, vulnerabilities, and even legitimate (but misconfigured) tools 


About Trend Micro


Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's AI-powered cybersecurity platform protects hundreds of thousands of organisations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, Trend’s platform delivers a powerful range of advanced threat defence techniques optimised for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 70 countries, Trend Micro enables organisations to simplify and secure their connected world. www.TrendMicro.com.au.