Sikov - stock.adobe.com

No let-up in cyber attacks as lockdown eases

Cyber attacks are up by one-third as the coalescence of cyber activity and nation state-linked threats around the pandemic bears fruit for bad actors

A dramatic and sustained increase in malicious cyber activity looks set to outlast the immediate impact of the Covid-19 coronavirus pandemic, with cyber attacks up by one-third at the end of June compared to March and April 2020, according to Check Point’s mid-year security report.

In the newly released Cyber attack trends: 2020 mid-year report, Check Point said that although Covid-19 attacks had increased dramatically from 5,000 a week in February to 200,000 a week at the height of the pandemic’s first wave, in May and June, as countries started to ease lockdown measures, cyber criminals stepped up their non-coronavirus-related exploits.

“The global response to the pandemic has transformed and accelerated threat actors’ business-as-usual models of attacks during the first half of this year, exploiting fears around Covid-19 as cover for their activities,” said Maya Horowitz, director of threat intelligence and research, products at Check Point. “We have also seen major new vulnerabilities and attack vectors emerging, which threaten the security of organisations across every sector.

“Security experts need to be aware of these rapidly evolving threats so that they can ensure their organisations have the best level of protection possible during the rest of 2020.”

Check Point identified four key trends that it reckons are driving this sustained activity:

  • An escalation in cyber warfare conducted by nation states and nation state-backed actors increased in severity as countries sought to gather intelligence or disrupt their rivals’ pandemic responses. With medical research into Covid-19 ongoing, this trend shows no signs of going away.
  • Double-extortion ransomware attacks are becoming more and more widely used as cyber criminals cotton on to the possibilities inherent in demanding money both to decrypt data, and to prevent them leaking it.
  • Cyber criminals are becoming more adept at bypassing security protections to place malicious mobile apps on official application stores, resulting in an uptick in mobile exploits seen in the wild.
  • The rapid pivot to public cloud services during the pandemic has given cyber criminals a perfect opportunity to attack sensitive cloud workloads and data owned by organisations that may not have paid as much attention as they should to security in their haste. Threat actors are also now using cloud infrastructure themselves, to store malware and ransomware payloads.

Check Point’s findings were backed up by another mid-year report from McAfee, whose researchers also observed dramatic upswings in various types of malicious activity drawing on the pandemic that is outlasting the physical symptoms of Covid-19.

Its Covid-19 threat report: July 2020 also highlights the evolution of ransomware attacks into full-blown data breaches, a 630% increase in attacks against cloud services, concentrating largely on collaboration services, and a 1,902% increase in malware, driven by a 689% increase in volumes of PowerShell malware.

“Thus far, the dominant themes of the 2020 threat landscape have been cyber criminals’ quick adaptation to exploit the pandemic and the considerable impact cyber attacks have had,” said Raj Samani, McAfee fellow and chief scientist.

“What began as a trickle of phishing campaigns and the occasional malicious app quickly turned into a deluge of malicious URLs and capable threat actors leveraging the world’s thirst for more information on Covid-19 as an entry mechanism into systems across the globe.”

Read more about Covid-19’s impact on security

Read more on Hackers and cybercrime prevention