Turning Knowledge into Power

Trend Micro Research

Contents

Introduction: Knowledge is power
The malware evolution: How we got where we are today
The continuous search for knowledge
#1 Cyber threats
#2 Vulnerabilities and exploits
#3 Targeted attacks and advanced persistent threats
#4 Artificial intelligence and machine learning
#5 IoT, IIoT, OT
#6 The criminal underground
#7 Future threat landscape
Everyone benefits from Trend Micro Research
Conclusion

INTRODUCTION: Knowledge is power

The volume and sophistication of new cyber threats is unrelenting, but there are ways to effectively deal with them and enable your business to be more secure. One critical way is through in-depth research that provides access to the methods and means of cybercriminals and expands the knowledge of how to better protect our world against cyberattacks.

To win against cyber threats, governments, universities, research institutions and private businesses must join together with the shared goals of understanding and anticipating the evolving threat environment, creating new cybersecurity technologies, and delivering innovation that continuously strengthens our digital protection.

Built into our security DNA, Trend Micro Research is at the forefront of understanding the global cybersecurity challenges facing our increasingly connected world. Our large, global team of dedicated experts enables us to provide our customers, public and private partners, and the broader digital community with in-depth information about threats, both current and emerging. Trend Micro Research is also instrumental in guiding the development of security tools to protect against these threats.

In this ebook, you’ll learn about the eight critical areas of cybersecurity and threat research on which Trend Micro Research focuses every day, in multiple locations around the world, and how this expert knowledge can be a powerful tool in protecting your organization, freeing you to focus on your business.

ANSWERING THE RIGHT ight now? What could happen in the future?

These fundamental questions drive all of our efforts at Trend Micro Research, which leads to insights and intelligence that ultimately help improve cybersecurity for everyone.

THE MALWARE EVOLUTION: How we got where we are today

[Figure: timeline of threat types plotted against damage caused, running from the 1980s/90s to 2019. Labels that survive extraction include viruses, worm outbreaks, spam mass mailers, spyware, web threats, ransomware, and cryptocurrency mining.]

The continuous search for knowledge

The only effective way to keep up with rapidly evolving threats and protect our digital assets, businesses, governments and critical infrastructure is through constant, comprehensive research.

Unlike the early days of malware when there were only a few variations to track, today’s cybersecurity research must cover a broad array of attack surfaces, methods and technologies. This includes analyzing the evolving tactics, techniques and procedures (TTPs) used by adversaries in sophisticated attacks such as advanced persistent threats (APTs). Researchers must also go “undercover” to where the bad actors are, anywhere in the world, to uncover new threats and trends.

Trend Micro Research covers all of these areas and more. It helps identify millions of threats daily and publishes innovative research on cybersecurity issues. As a leading provider of cybersecurity research and a partner to law enforcement, government, and other public entities, Trend Micro Research focuses on the critical components of today’s cybersecurity landscape:

[Diagram: Trend Micro Research focus areas. Labels that survive extraction: Cyber Threats; Vulnerabilities and (label truncated); Artificial Intelligence and Machine Learning; Internet of Things (IoT), Industrial Internet of Things (IIoT), and Operational Technology (OT); Cybercriminal Underground; The Future Threat Landscape.]

#1: Cyber threats

Ongoing research and analysis of malware and threats provide a deeper understanding of how and why they work. This insight helps not only Trend Micro but also the broader cybersecurity community, businesses, and organizations improve prevention as well as threat detection and response.

For more than 32 years, Trend Micro Research has been analyzing malware and threats, turning its findings into actionable intelligence. Today the organization takes advantage of sophisticated tools for automation, machine learning and artificial intelligence (AI) to identify new threats more quickly and accurately than ever before. Experts then use re-engineering techniques to dissect the threats and understand how they are intended to work.

Our research coverage of malware and threats is both broad and deep, spanning across:

- Malware threats such as viruses, worms, Trojans, mobile malware, backdoors, remote access Trojans (RATs), fileless attacks, and others
- Web threats, including drive-bys, malvertisements, redirects, domain generation algorithms (DGAs) and command-and-control (C&C) servers
- Messaging threats such as spam, phishing, spear phishing, and business email compromise (BEC), as well as which internet protocol (IP) addresses are sending malicious emails

WHAT THIS MEANS FOR YOUR ORGANIZATION

54 BILLION THREATS were blocked by Trend Micro in 2019 thanks to intelligence generated by Trend Micro Research.

More than 46,000 command and control (C&C) servers were discovered and blocked by Trend Micro in 2019. Blocking cybercriminal infrastructure protects your organization from threats based on these sources, as well as exfiltration of stolen data.

#2: Vulnerabilities and exploits

Vulnerabilities are programming flaws that can be exploited by cybercriminals to bypass security and gain access to a system or network. An exploit is code that can be used to take advantage of a vulnerability. When a new vulnerability is discovered, it’s a race against time to patch it before exploits can be developed and deployed by bad actors.

Unfortunately, the number of vulnerabilities published every year continues to grow, with 21,273 published in 2019. That’s why vulnerability research is essential in the fight against cyber threats. Vulnerability research identifies vulnerabilities in systems before they can be discovered and exploited for malicious purposes.

Trend Micro Research is the leader in vulnerability research, disclosing more than 52% of all publicly disclosed vulnerabilities in 2019 from 11 vendors in the study, according to analysis from Omdia. Through its Zero Day Initiative (ZDI) bug bounty program, Trend Micro is now a top reporter of Microsoft and Adobe vulnerabilities and a top reporter of vulnerabilities to ICS-CERT (part of the National Cybersecurity and Communications Integration Center focused on industrial control systems).

Trend Micro Research identifies and discloses new vulnerabilities across a wide range of platforms, including:[1]

- Operating systems (Windows, Linux and Mac, among others)
- Applications (consumer and business)
- Mobile devices
- Industrial control systems and critical infrastructure

[1] “Common Vulnerabilities and Exposures List,” The MITRE Corporation.

#2: Vulnerabilities and exploits (continued)

Competing to find vulnerabilities in critical systems

The world’s largest vendor-agnostic bug bounty program, Trend Micro Zero Day Initiative (ZDI) was founded in 2005 to encourage coordinated disclosure of zero-day vulnerabilities to affected vendors by financially rewarding researchers through incentive programs. The ZDI program uses a Targeted Incentive Program and sponsored hacking contests to focus researchers’ attention on uncovering vulnerabilities in critical applications, operating systems, devices, and industrial control systems.

The ZDI-sponsored Pwn2Own hacking contest challenges contestants to exploit widely used software and systems using previously unknown vulnerabilities. The contest demonstrates the vulnerability of devices and software in widespread use while providing a checkpoint on industry progress on fixing previously disclosed issues. Always focused on the evolving threat landscape, Pwn2Own Vancouver 2019 included a new automotive category, which resulted in the awarding of a Tesla Model 3. In January 2020, Pwn2Own Miami debuted with a focus on vulnerabilities in industrial control systems, and Pwn2Own 2020 in March was held fully virtual, reflecting the current global reality for travel while continuing the important work of discovering multiple new issues.

WHAT THIS MEANS FOR YOUR ORGANIZATION

Trend Micro customers are protected across our products for endpoint, server, cloud, and network deployments immediately upon vulnerability disclosure. In addition, Trend Micro TippingPoint customers are protected 81 DAYS (on average) ahead of a patch being released. This is achieved with a virtual patch for a vulnerability before the vendor releases a formal patch.

#3: Targeted attacks and advanced persistent threats

When threat actors want to breach a specific organization, they often use targeted attacks and advanced persistent threats (APTs). Whether they are after personal information, financial or payment data, medical information, credentials, intellectual property or some other target, cybercriminals often utilize an attack lifecycle that includes:

- Gathering open-source intelligence (OSINT) about their victims, from sources such as LinkedIn, Facebook and other social media
- Developing and deploying an initial attack vector
- Establishing command-and-control (C&C) connectivity
- Laterally moving across the victim’s network
- Identifying assets to steal
- Exfiltrating stolen data
- Initiating a maintenance stage to maintain persistence

[Figure: attack lifecycle stages. 1 Intelligence gathering; 2 Point of entry; 3 C&C communication; 4 Lateral movement; 5 Asset and data discovery; 6 Data exfiltration. Maintenance: attackers will do their best to maintain their foothold inside these stages.]

#3: Targeted attacks and advanced persistent threats (continued)

Analyzing the attack lifecycle helps security researchers understand how hackers evolve their TTPs and provides insight into how organizations can minimize the risk of being breached, as well as detect when a breach has occurred and remediate it.

Trend Micro researchers regularly analyze attacks against organizations, providing insight into each step of the attack life cycle and how best to protect against it. A recent example comes from Trend Micro’s participation in the MITRE ATT&CK evaluation, which found MITRE taking on the persona of APT29, a threat group that has been attributed to the Russian government. This resulted in Trend Micro being ranked among the top tier of EDR vendors for our detection rates (91%, based on initial product configurations). Trend Micro also excelled at managing alert volumes to avoid alert fatigue as well as giving security analysts access to the type and depth of visibility they need when looking into detailed attacker activity, showing a great balance of detection capabilities (especially higher confidence detections) across the full attack chain.

Our detection coverage results would have remained strong without human involvement: approximately 86% detection coverage. Our MDR service boosted it to 91%.

WHAT THIS MEANS FOR YOUR ORGANIZATION

Trend Micro gives you visibility into threats across your entire technology infrastructure to help identify attackers as they attempt to laterally move across a network. We do this by collecting threat intelligence from mobile, endpoint, server workloads (physical, virtual, cloud and containers), network, messaging, and gateway instances to correlate attack data.

Findings from Trend Micro Research contribute to the comprehensive defense and analytics capabilities of our products, which are used globally to identify targeted attacks and advanced threats. Trend Micro uses specialized engines, lateral movement detection, custom sandboxing, and seamless correlation across the entire attack lifecycle to detect threats.

#4: Artificial intelligence and machine learning

Artificial intelligence (AI) and machine learning (the method that helps AI-based systems get smarter) are critical capabilities for cybersecurity research and solutions, helping detect spam, phishing, exploits, and many other threats or attacks far faster and more accurately than humans.

Trend Micro researchers and data scientists have been working with these technologies since 2005, developing solutions to combat threats where AI and machine learning can be used to improve detection. Some of the many areas of use include detection of spam, phishing, malware, macro malware, exploits, malicious URLs and domains, social media threats, ransomware, business email compromise (BEC), targeted attacks, and domain generation algorithms (DGAs), as well as identification of good files.

Many forward-looking researchers are included in this group within Trend Micro Research. These researchers consider how AI and machine learning will be utilized to combat cyber threats in the future, as well as how cybercriminals may themselves use AI and machine learning to increase the frequency and success of attacks.

WHAT THIS MEANS FOR YOUR ORGANIZATION

More than 20 APPLICATIONS of AI and machine learning are already incorporated into Trend Micro products, giving you access to state-of-the-art security with advanced threat protection capabilities.

Recently MORE THAN 2,000 Trend Micro employees competed in an AI-focused development contest to improve their understanding of AI applications. This commitment and broad support across the company fosters further innovation using AI technology.

#5: IoT, IIoT, OT

Smart homes, smart factories, smart cars, and smart transportation systems are all part of the next wave of innovation that will transform how people and organizations use technology. However, cybercriminals and bad actors are also eager to exploit vulnerabilities in the devices, software, protocols, and apps used in the internet of things (IoT), industrial internet of things (IIoT), and operational technology (OT) that increasingly connects and controls our homes, businesses, factories and public infrastructure. Trend Micro researchers study these areas to better understand how these technologies are currently being used, how they could be used in the future, and how threat actors could potentially abuse them. Examples of our research areas include:

- Exploitation of vulnerabilities in robotic manufacturing and radio frequency (RF) equipment used in industrial machines
- Hacking of medical devices used in healthcare facilities
- Hijacking the communication protocols used by drones that have been approved for use over large groups of people
- Exploitation of consumer devices, such as kitchen appliances, smart TVs, and more, that are increasingly connected to the internet

WHAT THIS MEANS FOR YOUR ORGANIZATION

Trend Micro’s Smart Home Network solutions identified MORE THAN 1.8 BILLION malicious events on our customers’ home networks in 2019.

We launched Trend Forward Capital, a venture capital firm that is investing US$100 MILLION in support of unique IoT-focused companies.

We also recently launched a joint venture, TXOne Networks, focussed on helping Trend Micro be a leader in IoT security in the years to come.

#6: The criminal underground

Criminal underground communities can be a valuable source of information on everything from which cybercriminal groups are currently active to new TTPs used in the latest attacks. However, threat actors don’t work in an isolated area of the world; an actor in Russia may target an organization in the U.S. or South America. To have visibility into the entire threat landscape, researchers are needed within many regions throughout the world to collect and investigate threats and actor information.

Trend Micro employs researchers around the globe to analyze the many criminal undergrounds that exist, including those in Russia, China, North and South America, France, Germany, Japan, West Africa, and the Middle East.

Having regionally-supported researchers is critical, as many of these undergrounds operate based on local languages, norms and values, which researchers must understand in order to gain access to and participate in the community. This research gives Trend Micro valuable insight and threat intelligence that are used to protect customers from the threats employed by these bad actors.

[Images: covers of research papers, “Digital Souks: A Glimpse into the Middle Eastern and North African Underground” (Mayra Rosario Fuentes, Trend Micro Forward-Looking Threat Research (FTR) Team) and “Cybercrime in West Africa: Poised for an Underground Market” (Trend Micro and INTERPOL). Cover labels: “A TrendLabs Research Paper” and “A Trend Micro and INTERPOL Joint Research Paper”.]

WHAT THIS MEANS FOR YOUR ORGANIZATION

Trend Micro operates 15 GLOBAL RESEARCH CENTERS for maximum coverage. We use the knowledge gained from research into criminal underground communities to improve our products and the protections used against the threats launched by these actors. This knowledge also helps to inform how we react to threats and helps our customers respond effectively to new attacks.

#7: Future threat landscape

What will cyber threats be like in six months? Twelve months? Five years? How will malware continue to change and evolve? Which new forms of attacks will emerge?

Exploring and understanding all of these are the focus of forward-looking threat research: to anticipate the future threat landscape and which challenges enterprises, organizations and governments will face as they move to protect themselves and their customers, employees and constituents against new threats.

Trend Micro Research includes dedicated security experts who analyze the existing threat landscape and the overall computing landscape, including changes to infrastructure. They identify current and emerging trends, technologies, user behavior and market and geopolitical shifts that help them build predictive models of what the threat landscape will look like at intervals in the future.

The results of this research are published on a regular basis and available for business, technology and government leaders to use as a planning tool and guidance for cybersecurity strategies.

[Image: report cover, “Mapping the Future: Dealing With Pervasive and Persistent Threats”, Trend Micro Security Predictions for 2019.]

WHAT THIS MEANS FOR YOUR ORGANIZATION

Trend Micro’s history of innovation and hundreds of patents showcase our commitment to the development of technologies and solutions to protect our customers in the future. Our researchers work directly with the Trend Micro product development teams to build proof-of-concepts and ultimately embed or build new capabilities to protect our customers.

Everyone benefits from Trend Micro Research

It takes the collective efforts of many to thwart the malicious efforts of a few bad actors. By contributing analysis, insight and understanding across all seven critical areas explained in this ebook, Trend Micro Research helps improve cybersecurity for everyone.

Customers

Product development: Trend Micro Research provides product development teams with insights into how to protect against threats, which helps us improve protection capabilities and build new solutions for our customers. This process allows us to continually bring innovative new technologies and solutions to the market.

Threat intelligence: The Smart Protection Network is a global threat intelligence machine that collects, identifies, and helps protect Trend Micro customers from new threats. This 24/7/365 infrastructure is where many of the new protection capabilities are hosted once they are identified and published, delivering increased protection for our consumer, business and government customers around the world.

Public and private partnerships

Trend Micro is active in public and private partnerships that focus on helping organizations around the world improve cybersecurity. For example, we work extensively with law enforcement organizations such as the U.S. Federal Bureau of Investigation and the U.S. Secret Service. We also have a researcher on staff at Interpol Headquarters in Singapore to help with investigations aimed at bringing cybercriminals to justice. Part of this interaction includes working with organizations that can help dismantle criminal infrastructures, including botnets.

We are partners with Information Sharing and Analysis Centers (ISACs) and the Consortium for Electric Reliability Technology Solutions (CERTS) for the infrastructure industry, as well as the Health Information Trust Alliance (HITRUST), which focuses on information security for the healthcare industry. We partner with several major healthcare providers in the U.S. to improve the sharing process for threat intelligence.

Technology vendors

We help vendors of operating systems and applications such as Adobe, Microsoft, and VMware create patches against vulnerabilities ahead of public disclosure. We’re also committed to long-standing relationships with leading software vendors and the research community to influence the importance of cybersecurity in the product development life cycle.

IoT/IIoT manufacturers

Trend Micro helps IoT and IIoT manufacturers improve the security of their products and the wider IoT/IIoT ecosystem, enhancing protection throughout the entire device lifecycle. In fact, Trend Micro and Moxa, a leader in OT technology, recently launched a joint-venture called TXOne Networks to focus on securing industrial systems.

Conclusion

Committed to securing our increasingly connected world, Trend Micro invests heavily in security research capabilities as well as the people who perform these functions, recognizing that threat actors never stop and are constantly changing how they attack people and organizations around the globe. This investment allows us to turn knowledge into power, providing critical information for use in our products as well as fueling innovation in new technologies to protect against threats today and those that will come in the future.

Stay up-to-date on the latest threats and the shifts in cybercriminal activities by following our blogs, research reports, and security reports within our Research section on our website.

About Trend Micro Research

Trend Micro, a global leader in cybersecurity, helps to make the world safe for exchanging digital information. Our innovative solutions provide our customers with layered security for data centers, cloud workloads, networks, and endpoints.

At the heart of our leadership, Trend Micro Research is powered by experts who are passionate about discovering new threats, sharing key insights with the public, and supporting efforts to stop cybercriminals. Our global team helps identify millions of threats daily, leads the industry in vulnerability disclosures, and publishes innovative research on targeted attacks, artificial intelligence, Internet of Things (IoT), cybercriminals, and more. We continually work to anticipate the next wave of threats and deliver thought-provoking research that can shape strategic industry direction.

For more information, visit www.trendmicro.com

© 2020 by Trend Micro, Incorporated. All rights reserved. Trend Micro, the Trend Micro t-ball logo, and Trend Micro Smart Protection Network are trademarks or registered trademarks of Trend Micro, Incorporated. All other product or company names may be trademarks or registered trademarks of their owners. [EBK01 Turning Knowledge eBook 200916US]
