The IBM X-Force Threat Intelligence Index 2020 highlights high-profile security events of 2019 and forecasts trends that will occur in 2020. The report is comprised of insights and observations from data analyzed via hundreds of millions of protected endpoints and servers across over 100 countries. The report features data IBM collected between January 1, 2019 and December 31, 2019, to deliver insightful information about the global threat landscape and inform security professionals about the threats most relevant to their organizations.
McAfee sees a surge of COVID-19-themed malicious apps and other attacks in the first quarter.
McAfee Labs saw an average of 375 new threats per minute and a surge of cybercriminals exploiting the pandemic through COVID-19-themed malicious apps, phishing campaigns, malware, and more during the first quarter of 2020, the cybersecurity company is reporting.
Disclosed incidents targeting the public sector, individuals, education and manufacturing increased; nearly 47% of all publicly disclosed security incidents took place in the United States, according to the McAfee COVID-19 Threat Report: July 2020.
Further, ransomware attacks have evolved into data breaches as cybercriminals steal data prior to encryption, the company said. Threats targeting cloud services increased 630%, concentrated largely on collaboration services such as Microsoft 365.
“Thus far, the dominant themes of the 2020 threat landscape have been cybercriminals’ quick adaptation to exploit the pandemic and the considerable impact cyberattacks have had,” said Raj Samani, McAfee fellow and chief scientist, in a statement.
“What began as a trickle of phishing campaigns and the occasional malicious app quickly turned into a deluge of malicious URLs and capable threat actors leveraging the world’s thirst for more information on COVID-19 as an entry mechanism into systems across the globe.”
Each quarter, McAfee assesses the state of the cyber threat landscape based on in-depth research, investigative analysis, and threat data gathered by its Global Threat Intelligence cloud from over a billion sensors across multiple threat vectors around the world, the company said.
New pandemic-focused topics emerged
McAfee researchers found that COVID-19 campaigns use pandemic-related subjects including testing, treatments, cures, and remote work topics to lure targets into clicking on a malicious link, downloading a file, or viewing a PDF.
To track these campaigns, McAfee Advanced Programs Group (APG) has published a COVID-19 Threat Dashboard, which includes top threats leveraging the pandemic, most targeted verticals and countries, and most utilized threat types and volume over time. The dashboard is updated daily at 4 pm ET.
“Cybersecurity cannot be solved by cookie cutter approaches; each organization is unique and has specific intelligence requirements and objectives,” said Patrick Flynn, head of McAfee APG, in a statement. “The McAfee COVID-19 Threat Dashboard utilizes data to create true analyzed intelligence, which allows users to understand the total threat environment, informing them of potential threats before they are weaponized.
Data breaches: The new ransomware attacks
Over the first quarter of 2020, McAfee observed malicious actors focus on sectors where availability and integrity are fundamental, including manufacturing, law and construction firms.
“No longer can we call these attacks just ransomware incidents. When actors have access to the network and steal the data prior to encrypting it, threatening to leak if you don’t pay, that is a data breach,” said Christiaan Beek, senior principal engineer and lead scientist, in a statement. “Using either weakly protected Remote Desktop Protocol or stolen credentials from the underground, we have observed malicious actors moving at light speed to learn the network of their victims and effectively steal and then encrypt their data.”
Cybersecurity Insider Newsletter
Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.
Delivered Tuesdays and Thursdays
For the Spring 2020 edition of the Unit 42 Cloud Threat Report, our team of elite cloud threat researchers uncover where cloud vulnerabilities are surfacing in infrastructure as code (IaC) templates, as well as providing a deep dive into cryptomining operations and broader cybercrime trends.