Insights for navigating a drastically changing threat landscape

In a recent report, Trend Micro announced it detected 119,000 cyber threats per minute in 2020 as home workers and infrastructure came under new pressure from attacks.

changing threat landscape

Attacks on homes surged

The report also shows that home networks were a major draw last year for cybercriminals looking to pivot to corporate systems, or compromise and conscript IoT devices into botnets.

Attacks on homes surged 210% to reach nearly 2.9 billion—amounting to 15.5% of all homes. 73% of attacks on home networks involved brute forcing logins to gain control of a router or smart device.

Email-borne threats made up 91% of the 62.6 billion threats blocked last year, indicating that phishing attacks continued to be hugely popular. The company detected nearly 14 million unique phishing URLs in 2020 as attackers targeted distracted home workers.

“In 2020, businesses faced unprecedented threat volumes hitting their extended infrastructure, including the networks of home workers. Familiar tactics such as phishing, brute forcing and vulnerability exploitation are still favored as the primary means of compromise, which should help when developing defenses,” said Jon Clay, director of global threat communications for Trend Micro.

“Global organizations have now had time to understand the operational and cyber risk impact of the pandemic. The new year is a chance to adjust and improve with comprehensive cloud-based security to protect distributed staff and systems.”

Changing threat landscape

  • Newly detected ransomware families increased 34%, with “double extortion” attacks – where attackers steal data before encrypting it to force payment by threatening to release the stolen information – and more targeted threats becoming increasingly popular. Government, banking, manufacturing and healthcare were the most targeted sectors.
  • The number of vulnerabilities published by the Zero Day Initiative (ZDI) increased 40% year-on-year, but there are still flaws from as far back as 2005 being heavily exploited.
  • Many attacks targeted flaws in VPNs used by remote workers. CVE-2019-11510, a critical arbitrary file disclosure flaw in Pulse Connect Secure, already has nearly 800,000 hits based on customer data.
  • Cloud service misconfigurations increasingly had consequences in 2020. There has been an exploitation of unsecured APIs in several cryptocurrency mining attacks.
  • The ZDI published 1,453 vulnerability advisories, nearly 80% of which were rated as critical or high severity.
  • On the positive front, there was a 17% fall in detections of BEC attacks, although there’s no indication of how many were successful.

Don't miss