IT Brief New Zealand
Technology news for New Zealand's largest enterprises

ESET Research releases T3 2021 Threat Report summarising key cybersecurity research

By Ryan Morris-Reade
Wed 9 Feb 2022

The latest issue of the ESET Threat Report sheds light on the most frequent external attack vectors, the reason behind the rise of email threats, and shifts in the prevalence of some threats due to fluctuating exchange rates of cryptocurrencies.   

ESET Research has released its T3 2021 Threat Report summarising key statistics from ESET detection systems and highlighting notable examples of ESET cybersecurity research, including exclusive, previously unpublished updates on current threats. 

One of the key insights from the research is that the ProxyLogon vulnerability was the second most frequent external attack vector in ESET's 2021 statistics, right behind password-guessing attacks. Microsoft Exchange servers fell under siege again in August 2021, with ProxyLogon's 'younger sibling', ProxyShell, exploited worldwide by several threat groups.

Other research in the report involves the Log4Shell vulnerability, yet another critical flaw in the ubiquitous Log4j utility that surfaced in mid-December and sent IT teams scrambling, again, to locate and patch the flaw in their systems.

"This vulnerability, scoring a ten on the Common Vulnerability Scoring System, put countless servers at risk of a complete takeover – so it came as no surprise that cybercriminals instantly started exploiting it," says ESET chief research officer, Roman Kov.

"Despite only being known for the last three weeks of the year, Log4j attacks were the fifth most common external intrusion vector in 2021 in our statistics, showing just how quick threat actors are at taking advantage of newly emerging critical vulnerabilities."

The research presented in the ESET Threat Report T3 2021 also provides previously unpublished information about APT group operations. This time, researchers offer updates on the activity of cyberespionage group OilRig, the latest information on in-the-wild ProxyShell exploitation, and new spearphishing campaigns by the infamous cyberespionage group the Dukes.

ESET says the end of the year was also turbulent for Remote Desktop Protocol (RDP) attacks, which escalated throughout all of 2020 and 2021. The numbers from the last weeks of T3 2021 broke all previous records, amounting to a massive yearly growth of 897% in total attack attempts blocked – even though 2021 was no longer marked by the chaos of newly imposed lockdowns and sudden transitions to remote work.

The report also shows that ransomware, previously described in the ESET Threat Report Q4 2020 as 'more aggressive than ever', surpassed the worst expectations in 2021, with attacks against critical infrastructure, outrageous ransom demands and over USD 5 billion worth of bitcoin transactions tied to potential ransomware payments identified in the first half of 2021 alone. As the bitcoin exchange rate reached its highest point in November, ESET experts observed an influx of cryptocurrency-targeting threats, further boosted by the recent popularity of NFTs.

In mobile, ESET noted an alarming upsurge in Android banking malware detections, which rose by 428% in 2021 compared to 2020, reaching the detection levels of adware – a common nuisance on the Android platform. Meanwhile, email threats saw their yearly detection numbers more than double. This trend was mainly driven by a rise in phishing emails, which more than compensated for the rapid decline in Emotet's signature malicious macros in email attachments. Emotet, an infamous trojan inactive for most of the year, as illustrated in the report, came back from the dead in T3.

The report also reviews some important research findings, with ESET researchers uncovering FontOnLake, a new malware family targeting Linux; a previously undocumented real-world UEFI bootkit named ESPecter; FamousSparrow, a cyberespionage group targeting hotels, governments, and private companies worldwide; and others. T3 also saw ESET researchers publish a comprehensive analysis of all 17 malicious frameworks known to have been used to attack air-gapped networks and conclude their extensive series of deep dives into Latin American banking trojans.
