F-Secure’s latest attack landscape update, Attack Landscape H1 2020, provides defenders with a big picture on how the threat landscape changed during the first half of the year.
The COVID-19 pandemic has permanently scarred 2020. To date, it’s killed nearly a million people. It’s devastated economies. It’s reshaped how societies and institutions operate, and even how people and companies use technology. Its effects are so enormous, they’re difficult to see without taking a step back to look at the bigger picture.
Cyber attacks and online threats also adjusted to the outbreak. While the pandemic was disrupting lives and organizations’ operations, cyber criminals moved quickly to capitalize on the fear and confusion it spread. In early March, there was a significant increase in spam and phishing emails using issues related to COVID-19.
These emails ranged from scams attempting to trick people into buying masks from fraudulent sources, to cyber criminals attempting to spread malware by manipulating users into opening malicious email attachments. 75% of these malicious email attachments contained infostealers – malware that steals passwords and other sensitive information from people’s computers.
Fortunately, the sudden flood of COVID-themed email attacks began to subside in May. Like the pandemic, the problem hasn’t gone away, but it seems to have improved.
Phishing, spam, and other email threats, however, remain prevalent, continuing trends from previous years. In some respects, it may be getting worse. Email continued to be the most common way for cyber criminals to spread malware in the first half of 2020, which is consistent with findings in previous years. It accounted for just over half of all the malware seen during that time period – up from 43% in 2019.
Other trends from the first half of the year discussed in the report include:
Finance was the most frequently spoofed industry in phishing emails; Facebook was the most frequently spoofed brand Email was the most popular way of spreading malware, and accounted for over half of all infection attempts Infostealers were the most common type of malware spread by attackers; Lokibot was the most common malware family Telnet and SSH were the most frequently scanned ports
Full details on these and other trends are available in the report.Continue reading