Threat data from the first half of 2020 show the dramatic extent to which cyber criminals and national actors have taken advantage of the global pandemic to carry out cyber attacks around the world. The attackers took advantage of the fear and uncertainty caused by the current events and the sudden abundance of teleworkers outside the company networks.
Exploiting Global Events
Attackers have used headlines as social engineering bait before, but in the first half of 2020 this has taken on a new dimension. From opportunistic phishing attacks to devious nation state operations, cyber opponents have found a variety of ways to take advantage of the global pandemic. This includes phishing and compromise attacks on business emails, campaigns supported by nation states and ransomware attacks. They have exploited both the global character of the pandemic and the simultaneous expansion of the digital attack surface due to the suddenly very high number of home offices. A detailed view of the report and some key recommendations can be found in this post.
Known threats like ransomware are not decreasing. COVID-19 related messages and attachments have been used as bait in various ransomware campaigns. Another ransomware overwritten the computer’s master boot record before the data was encrypted. In addition, there has been an increase in ransomware attacks, in which the blackmailers not only blocked the victims data but also stole it and used the threat of large scale disclosure as additional leverage to extort a ransom payment. This trend increases the risk that companies will lose valuable information or sensitive data in future ransomware attacks. No industry in the world has been spared from ransomware.
For attackers, moving to telework has been an unprecedented opportunity to target users in a variety of ways. For example, web based malware, used in phishing campaigns and other scams, ousted the traditional vector of e-mail earlier this year. In fact, a malware family that used all flavors of web based phishing locks and scams ranked at the top of the malware list in January and February.