For cybercriminals, the year 2020 afforded a mother lode of opportunities for malicious activities. They took advantage of major events in their schemes to turn an illicit profit. Many techniques, old and new, were used to exploit vulnerabilities, misconfigurations, and other security gaps as individuals and enterprises rushed to adopt technologies.
The Trend Micro annual cybersecurity report surveys the most notable and crucial security concerns that emerged and persisted in 2020, and provides users and organizations with insights into how they can navigate a drastically changing threat landscape.
119,000 cyber threats were detected per minute in 2020 as home workers and infrastructure came under new pressure from attacks.
Key trends in cyber attacks
Newly detected ransomware families increased 34%, with “double extortion” attacks – where attackers steal data before encrypting it to force payment by threatening to release the stolen information – and more targeted threats becoming increasingly popular.
Top industries hit by ransomware attacks were government. Manufacturing, healthcare and banking accounted for 90,000 attacks. The top ransomware families by detection include Ryuk, with more than 20,000 detections.
- Egregor and DoppelPaymer, two relatively new ransomware families, ranked among the top 10 in terms of detections.
- The newcomer Egregor, which made its mark in the latter months of the year, notably employed the double extortion technique as it went after high-profile targets, including major organizations in retail, gaming, and human resources.
Supply Chain attacks:
While organizations might have enhanced their security, malicious actors could still find ways into their systems by compromising their partners within their supply chains instead. By taking advantage of the established relationship and trust between a target organization and its partners, supply-chain attackers could gain a foothold in the organization’s systems.
One of the most highly publicized supply-chain attacks in recent memory came to light in December in the form of the attack involving Orion, a widely used network management system software developed by SolarWinds. The malicious actors behind the attack inserted a vulnerability into certain builds of Orion that could allow attackers to compromise servers running the software.
Jon Clay, director of global threat communications for Trend Micro, said: “Global organizations have now had time to understand the operational and cyber risk impact of the pandemic. The new year is a chance to adjust and improve with comprehensive cloud-based security to protect distributed staff and systems.”
Other key trends included:
- The number of vulnerabilities published by the Zero Day Initiative (ZDI) increased 40% year-on-year
- Many attacks targeted flaws in VPNs used by remote workers. CVE-2019-11510, a critical arbitrary file disclosure flaw in Pulse Connect Secure, already has nearly 800,000 hits based on Trend Micro customer data.
- Email-borne threats made up 91% of the 62.6 billion threats blocked by Trend Micro last year, indicating that phishing attacks continued to be hugely popular. The company detected nearly 14 million unique phishing
- Cloud service misconfigurations increasingly had consequences in 2020. Trend Micro observed exploitation of unsecured APIs in several cryptocurrency mining attacks.
- The ZDI published 1,453 vulnerability advisories, nearly 80% of which were rated as Critical or High severity.
- On the positive front, there was a 17% fall in detections of BEC attacks, although there’s no indication of how many were successful.