In the first half recorded a 9 million attacks COVID-19Екатерина Alexandrov
Trend Micro Incorporated has published a study Disrupting the Workplace: Trend Micro antivirus plus 2020 Midyear Report (“Threats in the workplace: report on Trend Micro
state of cybersecurity in the first half of 2020”).
In the first half of 2020, there were almost 9 million attacks COVID-19. Among them messages in e-mail, links, and malicious files that mention the coronavirus. Large
part of these threats relates to spam, but among them met and BEC attacks (compromise of email attack associated with the use of social engineering methods). Published by the Center for
complaints about Internet crime FBI (Internet Crime Complaint Center — IC3) information, the average number of daily complaints about such attacks increased to 3-4 thousand (for
compared to the previous average of approximately 1 million hits). In Russia during the first half of 2020 were more than 655 million attacks using e-mail in Ukraine
and Kazakhstan — 167 million and 56 million respectively.
In connection with the need to translate the activities of many organizations in the mode of remote work in 2020 has sharply increased the number of attacks on routers and user accounts that are used
to gain remote access to the infrastructure of their jobs. The vast majority of the attacks (89%) were performed with breaking in with brute force attacks.
A new trend in the activities of the hackers was the so-called Zoombombing (from the name of the popular videoconferencing service Zoom), ie hacking sessions video with the aim of relatively innocent pranks, and
the distribution of malware. Also, the attackers reacted quickly to the actions of developers on the protection and encryption of video conferencing applications, creating fake sites for download and
introducing your programs and scripts directly in the source files.
Hackers in the period of limitations began to actively implement new methods of targeted attacks, including by using new platforms. Also active groups using ransomware. In 2020
appeared 68 new families of this malware, and the main objectives have included government organizations (16.6 thousand attacks), healthcare (9.4 thousand attacks) and the production
(9.2 thousand attacks). The scheme of actions of criminals has changed: instead of many small sacrifices, which they required relatively small amounts of ransom, the cybercriminals focused on
large companies and increased them for lower limit of payments for the transcript data. In Russia the number of attacks made up of 11.53% of the total in EMEA, but it is only 0,82% of the world in the number of attacks
the use of encoders. In Kazakhstan and Ukraine it amounted to 0.14% and 2.45%, respectively.
Dramatically increased the number of discovered vulnerabilities. According to the data obtained participants in the program Zero Day Initiative (ZDI), compared to the same period last year the increase was
16%. Thus, of the 150 detected vulnerabilities, 11 are zero day exploits.
In the field of mobile applications during this period also observed increased activity of cyber criminals, not least because of the period of self-isolation and the growing popularity of gadgets. In Android OS for the first
half of 2020 was blocked more than 3.5 million malicious applications. While in Russia, they noted 97 thousand, in Ukraine — 36 thousand, and in Kazakhstan only 8 thousand
cybersecurity, cyber security, information security
Trend Micro
