In its 2020 semi-annual report, Trend Micro gives specific figures on ransomware attacks, Covid-19 threats, vulnerabilities and much more on the topic of "security in pandemic times".
The Covid-19 pandemic had a major impact on the cybersecurity landscape in the first half of 2020. As people adapted to new work and school environments, companies had to create work-from-home (WFH) setups for their employees while ensuring that their systems were also secure. Malicious actors took advantage of the situation by using the Covid-19 theme for their attacks. Groups of threat actors continued to campaign and expand their reach to new targets and platforms, while ransomware operators continued to focus on targeted attacks. Trend Micro provides an overview of the trends and events of the first half of the year in a summary for mid-2020.
Malicious actors have always used socially relevant events to enforce their plans, and Covid-19 is no different. The security researchers found a variety of incidents in which cyber criminals used pandemic-related bait for their malicious activities, from relatively harmless scams to destructive campaigns spreading advanced malware.
Covid-19 threats in the home office
The abrupt switch to WorkFromHome setups posed numerous challenges for companies. Aside from providing employees with the tools they need to keep operations running, organizations have faced issues of communication, connectivity, and even the allocation of IT resources.
Ransomware operators focus on selected targets
Ransomware has moved from its opportunistic roots, which included non-personalized spam campaigns, to a more targeted approach that often uses credential theft and other complex techniques to compromise the target system. The main victims are organizations that have a lot to lose and are able to meet high ransom demands. The researchers also noted a growing trend in which ransomware operators threaten their victims with disclosing their data if the ransom is not paid.
Vulnerabilities are still a relevant problem
With the shift towards remote work, patching is more important than ever. A large number of published and patched vulnerabilities were reported in the first half of the year, including several critical bugs that have already been exploited in practice. For companies, this could place an additional workload on their IT staff, who have to implement these updates and also ensure that the company's IT infrastructure functions as seamlessly as possible in the new work environments.
Two different groups of vulnerabilities affecting Industrial Internet of Things (IIoT) devices were discovered between late 2019 and early 2020. Such security loopholes could have a significantly damaging impact on affected industries and organizations and lead to possible future regulations for the IIoT in general.
Layered security as a defense against today's diverse threats
The cybersecurity challenges faced by many organizations in the first half of 2020 prove that a tiered solution that can provide a blend of threat prevention capabilities is best suited for a comprehensive security implementation both in the office - as well as in private environments.
More on this in the blog at Trendmicro.com
About Trend Micro As one of the world's leading providers of IT security, Trend Micro helps create a secure world for digital data exchange. With over 30 years of security expertise, global threat research, and constant innovation, Trend Micro offers protection for businesses, government agencies, and consumers. Thanks to our XGen™ security strategy, our solutions benefit from a cross-generational combination of defense techniques optimized for leading-edge environments. Networked threat information enables better and faster protection. Optimized for cloud workloads, endpoints, email, the IIoT and networks, our connected solutions provide centralized visibility across the entire enterprise for faster threat detection and response.