What 2020 taught us about changing cybersecurity tactics and trends – General – Services – Software

World events and local events bring with them opportunists who wish to capitalize on evolving or influential situations.

The ongoing pandemic is no different as cyber criminals focus on phishing, ransomware, Android malware, and compromising business email for illicit profits.

According to our latest report, this is Webroot BrightCloud 2021 Threat Report, each threat type saw significant fluctuations, and often growth, in 2020 as people shifted to doing traditional personal activities such as shopping and working online.

Some threats are on the decline, but trends are generally up

The report results are generated by BrightCloud Threat Intelligence, which continuously and automatically collects data from over 285 million real endpoints and sensors. It offers a unique firsthand look at the threats and attack trends we saw around the world in 2020.

The year brought a notable update to a trend we’ve seen over the past five years: the number of new malware and Windows infections has decreased. That’s a good thing in and of itself, of course, but this decline also points to some positive factors influencing change. First, it shows the continuous evolution and improvement of our threat intelligence, which enables us to prevent infections before they reach the endpoint. Another positive factor was the significant security updates for Windows 10 in 2020. But, as always, we saw changes in the tactics of threat actors influencing the infection rate, namely that they are now using living binaries (LOLbins) to launch attacks.

Of the PCs infected with malware, we found that around half get infected more than once and 17 percent more than five times. Some of this can be traced back to Windows 7, but we also see that infection rates vary depending on the region and the habits and awareness of end users.

On average, 18.8 percent of consumer PCs in Africa, Asia, the Middle East, and South America were infected. This compares with 8.2 percent for Australasia, Europe, Japan and North America. The rate was lower for business PCs, which had an infection rate of 11.2 percent in the first group and around three percent in the latter group.

Another interesting trend detailed in the report was the changing infection rates by industry and industry, as some were surprised to see where the number of infections fell. Health and social assistance, 41.4 percent less year-over-year, led the industries with the lowest infection rates, while wholesale, mining / oil / gas and manufacturing had the highest infection rates. The latter is becoming more and more interesting in light of the significant ransomware attacks on JBS and Colonial Pipeline recently.

Ransomware threats and models are evolving

It is no longer enough for criminals to infect corporate networks with ransomware, encrypt their data and wait for the payout. Now these same criminals are extorting, not only keeping the data for ransom but threatening to publish it publicly if the ransom is not paid.

Worse still, the amount of money in demand, often in Bitcoin, has skyrocketed in recent years. In 2018, the average ransom payment was around $ 6,700 and in 2019 it was $ 84,000. In 2020, the average ransom peaked at $ 233,000 while the annual average fell to $ 154,000. However, 2021 will have increasing values ​​again with the The average payment is $ 220,000.

It should be noted that ransomware is not the beginning of a compromise. It is actually the end state in which criminals make money. When ransomware is discovered on a company network, the criminals have often been there a long time, watching and waiting. They had the time and resources to plan advanced stages of an attack and even checked a company’s finances to know how much ransom to ask.

BEC and the importance of user training

Business E-Mail Compromise (BEC) continues to plague businesses of all sizes and regions. These are emails that look like they came from a responsible person within a company asking a user to transfer money to an account. Or they may ask for credentials or other identifying information that can be used in appropriate attacks or to reach more potential victims.

While technological solutions are part of the answer to these social engineering threats, the most important piece of the puzzle is Security Awareness Training (SAT) for employees to help them defend the company. One component of the proper SAT is running phishing simulations that reflect the themes and timeliness of real-world phishing lures; e-mail can increase the click-through rate at which users click on an actual, malicious phishing link by up to three Quarter or 72 percent decrease. It is important to have ongoing training to make people aware of new threats and to keep an eye on existing ones.

The past year has certainly tested the adaptability and strength of countermeasures for businesses of all sizes, but with challenges come opportunities for progress and improvement. Going forward, organizations need to make sure they are protected from the multitude of threats they face. This includes investing in threat intelligence technologies, security at the endpoint and network level, and appropriate and consistent employee training. Organizations should also have a good backup strategy, data recovery and rollback plans as part of a comprehensive cyber resilience strategy.

Grayson Milbourne is the Security Intelligence Director at Webroot.

source https://collegeeducationnewsllc.com/what-2020-taught-us-about-changing-cybersecurity-tactics-and-trends-general-services-software/