
2020 saw a surge in malware, ransomware and botnets - report

14 Aug 2020

The COVID-19 pandemic has created an urgency for organisations to adjust their defence strategies more than any other recent event, according to new analysis from Fortinet.

The company yesterday released its Global Threat Landscape Report, with research into three central aspects: exploits, malware and botnets. The report was drawn from its array of sensors collecting billions of threat events around the world during the first six months of 2020.

“The first six months of 2020 witnessed an unprecedented cyber threat landscape,” says FortiGuard Labs chief of security insights and global threat alliances Derek Manky.

“There has never been a clearer picture than now, of why organisations need to adjust their defence strategies going forward to fully take into account the network perimeter extending into the home. 

“It is critical for organisations to take measures to protect their remote workers and help them secure their devices and home networks for the long term.”

Here are some of the highlights from the report:

The perimeter gets more personal

With lockdowns put into place across the world came an unprecedented surge in remote working – and this created a particularly ripe opportunity for cyber-attackers. 

According to the report, the first half of 2020 saw many exploit attempts against multiple consumer-grade routers and IoT devices.

Mirai and Gh0st dominated the list of botnets by detections. According to Fortinet, the growth of such threats was driven by a growing interest in the targeting of fresh vulnerabilities in IoT products.

The surge in popularity of BYOD, along with the extension of network perimeters into the home, has fuelled attackers’ attempts to gain access to enterprise networks. Criminals used this vulnerability to exploit personal devices that workers use to connect to their organisations’ networks.

Browsers are targets too

According to Fortinet’s research, phishing campaigns utilising web-based malware were more prominent in the early months of 2020 than the more traditional email vector.

This may demonstrate the attempt of cyber-criminals to target their attacks when individuals are the most vulnerable and gullible – browsing the web at home. 

This vulnerability means that browsers continue to be a popular vector of attack, particularly as cyber-attackers show no sign of ending their assault on remote workers.

Ransomware rampant

While phishing and malware have gained significant notoriety as being particularly successful in the wake of COVID-19, ransomware has not been far behind.

Fortinet’s research found that ransomware campaigns used pandemic-themed messages and attachments as lures, in much the same way that phishing campaigns used them. Another method of attack included rewriting an infected computer’s master boot record (MBR) before encrypting data.

Many ransomware attempts go only so far as to encrypt and prevent an organisation from accessing its data, but in 2020 there was an increase in incidents whereby attackers went further by stealing it. Criminals can then hold this above the organisation’s head by threatening to release it, in an attempt to leverage a higher ransom payment.

Fortinet researchers found that this trend heightened the risk of losing troves of invaluable and sensitive data.

The report further identified that the most heavily targeted sectors for ransomware attacks were telcos, MSSPs, education, government, and technology. 

“The dramatic scale and rapid evolution of attack methods demonstrate the nimbleness of adversaries to quickly shift their strategies to maximise the current events centred around the COVID-19 pandemic across the globe,” says Manky.

“It is wise to consider adopting the same strategy for cyber viruses that we are adopting in the real world. Cyber social distancing is all about recognising risks and keeping our distance.”
