2020: The year of fake news

1 January 2021
| No comments
Fake news home office

Share post

2020: The year of fake news, corona-related scams and ransomware. This year, the coronavirus has got its grip on both the real world and the cyber world. Other topics include home office, deep fakes, phishing attacks, mobile adware and stalkerware.

Avast, a global leader in digital security and privacy solutions, looks back on some of the most recognizable cyber threats of the year. 2020 was dominated by the coronavirus that hit the whole world, including the cyber world. As Avast found, cyber criminals took advantage of the pandemic, targeting scams and launching phishing attacks to exploit people's weaknesses during this difficult time. Ransomware attacks were on the rise again this year, and even medical facilities were not spared. Threats like stalkerware and adware have spread as users spend more time on their mobile devices with contact and exit restrictions. Cyber ​​criminals have increasingly tried to spread mobile adware to a younger target group via popular social platforms such as YouTube, TikTok and Instagram.

Corona fakes and scams

In addition to fake news, corona-related fake shops and malware also made the rounds in 2020. A number of scams circulated specifically targeting people looking for information about Corona and related issues such as the delivery of face masks and ventilators. Avast has observed "malvertising" campaigns adapted to the situation, as well as fake shops and counterfeit products such as cures and medicines to fight the virus that were offered online. Hackers have used the World Health Organization name and logo to trick people into downloading malware that was distributed via email, SMS, or other means. In addition, through apklab.io, its mobile threat intelligence platform, Avast has tracked down more than 600 malicious applications, including Trojans and spyware for mobile banking, disguised as apps that offer a corona-related service.

Fake News

Fake news has spread widely during the pandemic, including claims that Bill Gates created or funded the coronavirus to sell vaccines and gain power. Other examples of fake news include conspiracy theories that say democratic governments are using the virus as an excuse to turn their systems into autocracies and that 5G is responsible for spreading the coronavirus.

“To sum up the year 2020: It was a year of fake news and scams that took advantage of the pandemic. Cyber ​​criminals exploit trends to attract as many potential victims as possible. We saw how they adjusted their attacks as users are searching for information right now and are more vulnerable to attack. Additionally, given the current restrictions, many people are online more often, so the number of potential victims of cyberattacks has likely increased, ”said Luis Corrons, security evangelist at Avast.

Ransomware attacks

During the first few months of the pandemic, Avast saw an increase in ransomware attacks. Compared to January and February of this year, they increased by 20 percent in March and April.

Several ransomware attacks were carried out on hospitals in 2020 despite the fact that cyber criminals publicly announced that they would no longer target hospitals. Avast has supported hospitals and other companies that were attacked with ransomware. Among the victims was the University Hospital Brno in the Czech Republic, which is also a test center and was infected with Defray777. Healthcare facilities have been attacked with Maze ransomware, which steals data, encrypts it and threatens to publish it if the ransom is not paid. The death of a woman who had to be moved to another clinic after a ransomware attack on a hospital in Düsseldorf and died on the way caused a sensation in this context.

When healthcare institutions are victims

“When healthcare institutions fall victim to ransomware, it can cause major financial losses, such as loss of patient records and delaying or canceling treatments. In the worst case, patients can lose their lives if relocation is necessary due to failing devices. Health facilities are already in a state of emergency due to the pandemic, so a cyber attack is currently a particular challenge, ”explains Luis Corrons.

In addition to healthcare facilities, companies like Garmin, Jack Daniels and the Ritz in London also faced ransomware attacks in 2020. Other known victims of multi-million dollar ransom attacks include the University of California at San Francisco, Travelex, and California-based defense company Communications & Power Industries (CPI).

Challenges in the home office

The pandemic forced many companies to send employees home so they can work from there. According to a survey by the European Foundation for the Improvement of Living and Working Conditions, almost half of the European workers surveyed worked at least temporarily during the corona pandemic, a third of them exclusively in the home office. The employees took their company devices home with them, which increased the attack surface for companies, since the infrastructure of the home network is usually not as secure as a company network. With millions of workers around the world using Remote Desktop Protocol (RDP) to access their corporate network remotely on a daily basis, this tool has become a powerful vector of attack. Avast has seen an increase in attacks in 2020 that specifically target the RDP for ransomware attacks.

"Not all companies were prepared to allow employees to work from home on such short notice, so home networks were not well secured and businesses were at risk," said Luis Corrons. "According to Gartner, PC shipments in EMEA increased by 2020 percent in the second quarter of 20, which is likely due to companies buying PCs to enable their employees to work from home."

Deep fakes take off

Deep fakes, especially with pornographic content, appeared more frequently in 2020, including explicit deep fakes by TikTok users. In a presentation at the virtual conference by Avast, CyberSec & AI, Connected, Professor Hany Farid from UC Berkeley emphasized that technology is advancing rapidly and creating deep fakes is becoming easier and easier. The speed with which deep fakes can spread due to social media is also increasing. Farid also noted that "nothing has to be true anymore," which means people will believe fakes, especially when it comes to political deep fakes.

Phishing attacks

Phishing is a lucrative business for cyber criminals to steal money and personal information from people - and a long-running attack technique that hasn't declined in 2020. In March there was a sharp 7,9 percent increase in phishing attacks worldwide that used coronavirus-related topics. Over the year as a whole, however, the increase in phishing attacks with the topic of Covid-19 was small with an increase of 1 percent.

Mobile adware developers use social media

Of all the Android threats that Avast detected in 2020, adware was the most prominent malware with a share of nearly 50 percent in the first quarter, over 27 percent in the second and 29 percent in the third quarter. The HiddenAds family, a trojan disguised as a safe and useful application but displaying intrusive advertisements, stood out as it kept making it back to the Google Play Store. Avast has also discovered scam apps in the Apple App Store. This year alone, the Avast Threat Lab found over 50 fraudulent apps on Google Play and the App Store that needed to be removed.

“Adware developers are increasingly using social media channels, like any other marketer would, to increase the number of app downloads. Users reported being attracted by advertisements for adware apps on YouTube, and in September we discovered that adware was being distributed through TikTok profiles. The popularity of these social networks makes them an attractive advertising platform - also for cyber criminals who want to target a younger audience, ”says Jakub Vávra, threat analyst at Avast.

stalkerware

Stalkerware is a growing category of malware with both worrying and dangerous implications. Avast found parallels between the use of stalkerware and the corona lockdown in the spring. Stalkerware is usually stealthily installed on cell phones by friends, jealous spouses and life partners, ex-partners, and even worried parents without the victim's knowledge, for the purpose of tracking the victim's physical whereabouts or visits to websites on the internet, text messages and phone calls to monitor. The Avast Threat Lab found spyware and stalkerware increased 51 percent from March to June compared to the first two months of the year.

According to an article by researchers at Brigham Young University in the United States, who compared domestic violence emergency calls in 14 major US cities before and after corona-related contact restrictions began, there was a 10,2 percent increase in calls. The Technical University of Munich and the Leibniz Institute for Economic Research asked 3.800 women between 18 and 65 years of age in Germany about their experiences with domestic violence during the Corona crisis. The survey shows that physical violence against women has recently increased by 3,1 percent and emotional violence by 3,8 percent.

Looking back at 2020

“Cyber ​​criminals do not stop at the pandemic. As people spend more time online, they are taking the opportunity to use old tricks to spread false information, use scams and target large companies with ransomware attacks, ”continues Luis Corrons. “While technology is a great tool for all of us these days to keep in touch, communicate and maintain our daily work routine, we advise people to be very careful and careful online. You should review news, applications, links, sales offers, and even video content before trusting them as they could be tampered with. "

Find out more at Avast.com

 

About Avast

Avast (LSE: AVST), a FTSE 100 company, is a leading global provider of digital security and privacy products. Avast has over 400 million online users and offers products under the Avast and AVG brands that protect people from threats from the Internet and the evolving IoT threat landscape. The company's threat detection network is one of the most advanced in the world, using technologies like machine learning and artificial intelligence to detect and stop threats in real time. Avast's digital security products for mobile, PC or Mac have been top-rated and certified by VB100, AV-Comparatives, AV-Test, SE Labs and other test institutes.

 

Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

IT security: NIS-2 makes it a top priority

Only in a quarter of German companies do management take responsibility for IT security. Especially in smaller companies ➡ Read more

Cyber ​​attacks increase by 104 percent in 2023

A cybersecurity company has taken a look at last year's threat landscape. The results provide crucial insights into ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Mobile spyware poses a threat to businesses

More and more people are using mobile devices both in everyday life and in companies. This also reduces the risk of “mobile ➡ Read more

Crowdsourced security pinpoints many vulnerabilities

Crowdsourced security has increased significantly in the last year. In the public sector, 151 percent more vulnerabilities were reported than in the previous year. ➡ Read more

AI on Enterprise Storage fights ransomware in real time

NetApp is one of the first to integrate artificial intelligence (AI) and machine learning (ML) directly into primary storage to combat ransomware ➡ Read more

Stories
, , , , , , ,