Check Point® Software Technologies has released its Cyber Attack Trends: 2020 Mid-Year Report, which shows how criminal, political and nation-state threat actors have exploited the COVID-19 pandemic and related themes to target organizations across all sectors, including governments, industry, healthcare, service providers, critical infrastructure and consumers.
COVID-19 related phishing and malware attacks increased dramatically from under 5,000 thousand per week in February, to over 200,000 per week in late April. Also, in May and June, as countries started to ease lockdowns, threat actors also stepped up their non COVID-19 related exploits, resulting in a 34% increase in all types of cyber-attacks globally at the end of June compared to March and April.
Key trends revealed in the report include:
- Cyber warfare escalates: nation-state cyber-attacks surged in intensity and severity in H1 as countries sought to gather intelligence on or disrupt rivals’ handling of the pandemic. This extended to targeting healthcare and humanitarian organizations such as the WHO, which reported a 500% increase in attacks.
- Double-extortion attacks: In 2020, a new form of ransomware attack has become widely-used in which the attackers exfiltrate large quantities of data prior to encrypting it. Victims who refuse to pay the ransom are threatened with the data being leaked, putting additional pressure on them to meet the criminals’ demands.
- Mobile exploits: threat actors have been seeking new mobile infection vectors, improving their techniques to bypass security protections and place malicious apps in official application stores. In another innovative attack, threat actors used a large international corporation’s Mobile Device Management (MDM) system to distribute malware to more than 75% of its managed mobile devices.
- Cloud exposure: The rapid move to public clouds during the pandemic has led to an increase in attacks targeting sensitive cloud workloads and data. Threat actors are also using cloud infrastructure to store the malicious payloads used in their malware attacks. In January, Check Point researchers found an industry-first critical vulnerability in Microsoft Azure which would have allowed hackers to compromise data and apps of other Azure tenants, showing that public clouds are not inherently secure.
Read the full release here.