- Sony unveils its 2025 Bravia TV lineup, and a new flagship OLED has me excited
- Apple Rolls Out iOS 18.4 With New Languages, Emojis & Apple Intelligence in the EU
- SolarWinds launches incident response tool, boosts AI in observability platform
- Linux Foundation Networking shares new AI projects, milestone releases
- Connecting the fans: Cisco's tech-driven transformation of St. Louis CITY SC
One Ransomware Victim Every 10 Seconds in 2020
A new organization became a victim of ransomware every 10 seconds in 2020 with remote workers experiencing a sharp uptick in threats, according to Check Point.
The security vendor’s 2021 Security Report is compiled from its ThreatCloud intelligence sensor data, its own research and recent surveys of IT professionals.
The report claimed that consumers and organizations face 100,000 malicious websites and 10,000 malicious files every day, with double extortion ransomware in particular on the rise. In Q3 2020, nearly half of all ransomware incidents involved theft of data from the targeted organization.
However, there’s still plenty of room for expansion in the market in 2021, as only 5% of malware attacking global corporate networks was ransomware last year, according to Check Point. The most popular by far was botnet traffic (28%) followed by crypto-miners (21%), information stealers (16%), mobile (15%) and banking malware (14%).
RDPs were the most popular attack vector for ransomware in the first half of the year, with brute force attacks targeting weak or previously breached passwords a popular tactic.
Remote workers were also targeted via email: Check Point pointed to the increasing popularity of “thread hijacking” functionality in Emotet and Qbot Trojans.
“Once a single victim is infected, the attackers leverage that person’s old email conversations for malware distribution, forwarding the last email of the thread and adding malicious files as attachments,” the report explained.
“This makes it easier to trick new victims that are within the victim’s social and professional domain, as from their perspective they’re receiving an email from a trusted colleague concerning a known subject.”
Elsewhere, Check Point highlighted the risks of cloud and mobile. It claimed that 80% of enterprises found their existing security tools don’t work at all or only have limited functionality in the cloud, while nearly half (46%) of organizations have had at least one employee download a malicious mobile app.
In terms of verticals, monthly attacks on healthcare jumped 37% in 2020 as cyber-criminals sought to capitalize on organizations distracted by the fight against COVID-19.
