A survey from cybersecurity firm SonicWall revealed that the opportunistic use of COVID-19 pandemic by cybercriminals has resulted in the rise of ransomware and IoT malware attacks globally. The survey “2020 SonicWall Cyber Threat Report” found that ransomware continues to be the most concerning threat to enterprises and the preferred attack method, with 121.4 million attacks (20% increase) reported globally in the first half of 2020. The threat researchers recorded 79.9 million ransomware attacks (109% increase) in the U.S. and 5.9 million ransomware attacks (6% decline) in the U.K.
Decline in Malware Attacks
The survey also sheds light on the global malware attacks, which saw a declining trend since last year. During the first half of 2020, global malware attacks fell from 4.8 billion to 3.2 billion (-24%) over 2019’s mid-year total. The U.S. (-24%), the U.K. (-27%), Germany (-60%), and India (-64%) encountered reduced malware attack volume. However, ransomware has seen a corresponding jump over the same time period.
Changing Attack Landscape
Cybercriminals utilized the global pandemic to launch social-engineered attacks, phishing, and other Coronavirus-related scams. SonicWall researchers detected a surge in scams and exploits specifically based around COVID-19 and noted a 7% increase in COVID-related phishing attempts during the first two quarters.
“COVID-19 phishing began rising in March, and saw its most significant peaks on March 24, April 3 and June 19, 2020. This contrasts with phishing as a whole, which started strong in January and was down slightly globally (-15%) by the time the pandemic phishing attempts began to pick up steam,” the survey stated.
The survey also found a 176% increase in new malware attacks disguised as trusted Microsoft Office file types and 11% of PDF files made up 33% of all newly identified malware in 2020. “Cybercriminals are too sophisticated to use known malware variants, so they’re re-imagining and re-writing malware to defeat security controls like traditional sandboxing techniques — and it’s working,” the survey added.
IoT Continues to Attract Threat Actors
The researchers found a 50% increase in IoT malware attacks, a number that represents the number of additional smart devices that are connected online as employees and enterprises functioning remotely.
The survey findings are based on the threat intelligence data gathered from 1.1 million sensors in over 215 countries and territories.
Bill Conner, SonicWall President and CEO, said, “Cybercriminals can be resourceful, often setting traps to take advantage of people’s kindness during a natural disaster, panic throughout a crisis and trust in systems used in everyday life. This latest cyber threat data shows that cybercriminals continue to morph their tactics to sway the odds in their favor during uncertain times. With everyone more remote and mobile than ever before, businesses are highly exposed, and the cybercriminal industry is very aware of that. It’s imperative that organizations move away from makeshift or traditional security strategies and realize this new business normal is no longer new.”
