2020 has proven, in many ways, that the cybersecurity industry does not exist in a static bubble; rather it shifts and changes in accordance with and in response to the events of the world around it. Make calculated adjustments to your security strategy by taking a look at the trends we’ve seen over the first half of 2020 and what you can expect from this new normal.
The Impact of Covid-19 on the Cybersecurity Landscape
For many people, working from home became not just an option, but a necessity, as the pandemic forced organizations around the world to reconsider how and where they work.
Now, businesses need to determine whether to make remote working a permanent choice. Moving to the cloud makes sense in these times, but cloud-based storage, services, and applications are not airtight. They should be thought of as an extension of the existing attack surface. You need to be prepared to secure your evolving corporate attack surface, because cybercriminals have proven they will not be hindered by the global pandemic.
In fact, Trend Micro blocked 8.8 million Covid-19-related threats in the first half of 2020, with the peak months being April and May. Email made up 91.5% of all Covid-19 related threats, with spam emails being a primary tool for cybercriminals attempting to take advantage of fear driven by the pandemic. Moreover, the U.S. saw the highest percentage of Covid-19 threats compared to any other country, at 38.4%.
Threat Actors Continue to Launch Campaigns
Our security predictions for 2020 forecasted that critical public infrastructure and government IT systems would be a primary focus for extortionists, with ransomware being their preferred weapon of choice. Sure enough, we saw that government-related organizations and businesses were the most highly targeted industry for ransomware operators, continuing the trend we observed in 2019. Healthcare and manufacturing were the second and third most targeted industries, respectively. Other sectors that showed a relatively high number of attack attempts included finance, education, technology, oil and gas, insurance, and banking.
Overall, the number of ransomware attacks have decreased significantly, however, there’s a marked shift from opportunistic ransomware to targeted ransomware. Targeted ransomware attackers know the network that targets are on, know how to cause the most damage, and ultimately demand higher ransom payments. According to a report from Coveware, as of the first quarter of 2020, the average ransom demand for a Ryuk infection rose to USD 1.3 million, from approximately USD 800,000 in the fourth quarter of 2019.
Fewer overall numbers of ransomware attacks does not mean these attacks are any less impactful, and we may see a similar overall dollar amount lost despite the significant percentage decrease in overall attacks.
A Multilayered Defense Helps
Unusual times call for a more robust security strategy. Siloed tools and single layers of protection for the individual components of a company’s system are proving to be insufficient. Instead, businesses should look for a multilayered approach that can provide a mix of threat defense capabilities, such as detection, investigation, and response across multiple environments—email, endpoints, servers, cloud workloads, and networks. These kinds of security solutions can provide a wide range of indicators and analytics that enable IT staff to see the bigger picture without having to dedicate a significant chunk of their time and resources to sift through a mountain of alerts and other data. Now, more time can be spent ensuring that the company’s systems are running as smoothly as possible.
Continue to learn more about the most significant stories and trends that have changed the cybersecurity landscape by reading Securing the Pandemic-Disrupted Workplace: Trend Micro 2020 Midyear Cybersecurity Report.