Device-to-cloud cybersecurity company McAfee Labs published its report “McAfee COVID-19 Threat Report: July 2020” that detailed the evolution of cybercriminal activities related to COVID-19 in Q1 2020. McAfee stated that it found an average of 375 new cyberthreats per minute and a surge in COVID-19 related malicious apps, phishing campaigns, and malware attacks. New PowerShell malware increased 688% in Q1 2020, while the total malware grew 1,902% over the past four quarters. New ransomware declined 12% in Q1, while the total ransomware increased by 32% over the past four quarters. Among 458 publicly disclosed security incidents, 50% incidents took place in North America, followed by 9% in Europe. Nearly 47% of all publicly disclosed security incidents occurred in the U.S.
Key findings from the report include:
- Ransomware attacks evolved into data breaches as cybercriminals steal data before encryption
- Disclosed incidents targeting the public sector increased by 73%, individual sector increased by 59%, education industry increased by 33%, and manufacturing sector increased by 44%
- New malware samples slowed by 35%; total malware increased by 27% over the past four quarters. New Mac OS malware samples increased by 51%
- New mobile malware increased by 71%, with total malware growing nearly 12% over the past four quarters
- Disclosed incidents targeting the Americas increased by 60%, incidents targeting Asia-Pacific increased by 27%, while Europe decreased by 7%
- New coin-mining malware increased by 26%, while total coin-mining malware samples increased nearly 97% over the past four quarters
- New JavaScript malware declined nearly 38%, while total malware grew nearly 24% over the past four quarters
- New malware samples increased nearly 58%; total IoT malware grew 82% over the past four quarters
Raj Samani, McAfee Chief Scientist, said, “The dominant themes of the 2020 threat landscape have been a cybercriminal’s quick adaptation to exploit the pandemic and the considerable impact cyberattacks have had. What began as a trickle of phishing campaigns and the occasional malicious app quickly turned into a deluge of malicious URLs and capable threat actors leveraging the world’s thirst for more information on COVID-19 as an entry mechanism into systems across the globe.”
