Combatting Cybersecurity Threats of the COVID-19 Era
New data reveals that in uncertain times, consumers and businesses need even greater vigilance when it comes to their cybersecurity.
The mid-year update to the 2020 SonicWall Cyber Threat Report highlights an opportunistic use of the COVID-19 pandemic by cybercriminals.
“Cybercriminals can be resourceful, often setting traps to take advantage of people’s kindness and panic in uncertain times, as well as their trust in everyday systems,” says Bill Conner, SonicWall president and CEO. “With everyone more remote and mobile than ever before, the cybercriminal industry is very aware that businesses are highly exposed.”
During the first half of 2020, global malware attacks fell from 4.8 billion to 3.2 billion over 2019’s mid-year total, a continuation of a downward trend. However, less malware doesn’t necessarily mean a safer world; ransomware has seen a corresponding jump over the same time period and continues to be the preferred tool for cybercriminals. Increasing a staggering 20% globally in the first half of 2020, SonicWall logged 79.9 million ransomware attacks (+109%) in the U.S., a trend that continues to ebb and flow based on the behaviors of agile cybercriminal networks.
COVID-19 Email Scams
The global pandemic plus social-engineered cyberattacks has proven to be an effective mix for cybercriminals utilizing phishing and other email scams. Dating as far back as Feb. 4, SonicWall researchers detected a flurry of increased attacks, scams and exploits specifically based around COVID-19. This contrasts with phishing as a whole, which was down slightly by the time pandemic phishing attempts began picking up steam.
Office Lures a Staple
Microsoft Office is a necessity for millions working remotely. Cybercriminals were quick to leverage this shift. Leveraging SonicWall Capture Advanced Threat Protection with patent-pending Real-Time Deep Memory Inspection technology, SonicWall discovered that 22% of Microsoft Office files and 11% of PDF files made up about one-third of all newly identified malware in 2020. The technology identified a record 120,910 ‘never-before-seen’ malware variants during that time — a 63% increase over the first six months of 2019.
“Cybercriminals are too sophisticated to use known malware variants, so they’re re-imagining malware to defeat security controls, and it’s working,” said Conner.
By sending malware across non-standard ports, assailants can bypass traditional firewall technologies, ensuring increased success for payloads. A ‘non-standard’ port is leveraged by services running on a port other than its default assignment. An average of 23% of attacks took place over non-standard ports — the highest mark since SonicWall began tracking the vector in 2018.
IoT Serves Threats
Remote workforces can introduce many new risks, including Internet of Things (IoT) devices like refrigerators, baby cameras and doorbells. A 50% increase in IoT malware attacks mirrors the number of additional devices connected online, as individuals and enterprise alike function from home. Unchecked IoT devices can provide cybercriminals an open door into what may otherwise be a well-secured organization.
As organizations mobilize for their new business normal, they can adapt to new threats in real-time by leveraging the services of security experts. “This new business normal is no longer new,” says Conner. “As everything goes more remote, mobile and unsecure, organizations must move away from makeshift or traditional security strategies.”
Contributed by StatePoint
PHOTO SOURCE: (c) Niyaz_Tavkaev / iStock via Getty Images Plus