Trend Micro reported that 119,000 cyber threats were detected by Trend Micro every minute in 2020, growing 20 percent to over 62.6 billion. Home-based workers and network infrastructure were at the top of the list of cyberthreats.
Attackers were after employees working from home to gain access to corporate network resources or using home IoT devices for their own botnets. Trend Micro estimates the number of attacks on home networks grew 210% to nearly 2.9 billion, affecting about 15.5% of routers. 73% of these attacks used a brute-force technique to gain control of a router or smart home appliance.
Among the 62.6 billion threats blocked last year by Trend Micro solutions, email was the attack vector in 91% of cases. This means that phishing remains extremely popular with cybercriminals. The company identified 14 million unique links leading to phishing pages on the web. With these, attackers sought to obtain information from employees who had lost their vigilance while working from home.
"In 2020, companies are facing an unprecedented number of cyberthreats, their vast infrastructure, including in employees' home networks. The main hacking tools continue to be familiar tactics - phishing, bruteforcing and exploiting vulnerabilities - which should help when developing defenses," said Jon Clay, director of Trend Micro's Global Threat Intelligence division. - Organizations around the world have had time to assess the operational and cybersecurity risks associated with the pandemic. The new year gives them a chance to adapt to new threats and apply comprehensive cloud security to help protect their distributed infrastructure."Other notable trends include a 34% increase in the number of new ransomware families used in “double ransomware” attacks: criminals first steal data and demand a ransom not to publish it, and only then encrypt it. Targeted attacks on government organizations, banks, industry, and healthcare facilities are also gaining popularity. The number of vulnerabilities published by the Zero Day Initiative (ZDI) is up 40 percent in 2020 compared to 2019. However, Trend Micro notes that cybercriminals continue to actively exploit vulnerabilities that have been known since 2005.
A large number of attacks exploited vulnerabilities in VPN services of remote workers. CVE-2019-11510, a critical vulnerability in Pulse Connect Secure related to access to arbitrary file reads, appeared in Trend Micro reports of 800,000 cyber attacks. Misconfiguration of cloud services also led to negative consequences in 2020. According to Trend Micro, unsecured APIs were used by cybercriminals in several attacks involving cryptocurrency mining. ZDI also disclosed 1,453 new vulnerabilities, nearly 80% of which are critical or high-risk.
