What the numbers show thus far
At Bytagig we’ve gone to great lengths detailing the rise of malware and ransomware and, in particular, how it has blossomed since the beginning of COVID-19. Numerous reasons exist for this. From a politically charged climate, to uncertainty about the virus, to the rapid adoption of remote infrastructure, the period has been a breeding ground for threat actors across North America.
To give a bigger picture, we’ll provide some hard numbers. From malware variants to the type of attacks used, it’s a messy situation. The prevalence of malware threats and associated dangers isn’t only because of the pandemic, mind. COVID-19 simply forced the creation of an environment the general IT world was not prepared for. It’s a principle that can seem abstract, so, by introducing hard numbers, you can really see the scope of the present dangers.
Ransomware has come up time and time again, and for good reason. Its prevalence in the threat market has always been high, but with COVID-19 it exploded onto the IT scene. On a global scale, ransomware rose in usage by 62%. In North America, however, variants saw greater use, hitting a saturation point of over 150%.
It makes sense. Deploying ransomware attacks is no longer a task suited for elite groups or those with extensive cybersecurity knowledge. Malware kits and ransomware-as-a-service suites are easily purchasable on the dark web. And, considering the high fiscal reward associated with a successful breach, would-be hackers from every corner are eager to exploit network weaknesses.
Adding to this, a surge of malware types emerged over the course of 2020. Any individual virus has its own complications, some small, some large. While they’re usually detected early and stopped, it’s the amount that counts – a viral overload (ironically, much like COVID-19).
How many? Well over 260,000 new malware variants (new in that they had never been seen before) were identified in 2020.
Different attack methods
When we think of malware, we imagine it as an executable or batch file loaded onto a network or PC. This is accurate, but the deployment of viruses has shifted over the past year, specifically toward delivery through Microsoft-based documents and PDF files.
This makes sense, since numerous remote-working environments use Microsoft software and tools to finish work tasks. In these threat-events, attackers add malicious links to the associated files. With phishing and social engineering, they hope to deliver payloads to workers who may not catch the malicious link.
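As an added illustration (not code from this article), the Python sketch below shows one way a defender can list the external links inside a Word document before anyone opens it. A .docx file is a ZIP archive, and links that point outside the file are recorded as relationships with TargetMode="External". The function names, the allow-listed host and the sample document are assumptions constructed for the example.

```python
import io
import zipfile
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

PKG = "http://schemas.openxmlformats.org/package/2006/relationships"
DOC = "http://schemas.openxmlformats.org/officeDocument/2006/relationships"

def external_targets(doc_bytes):
    """Return sorted (part, kind, target) for each external relationship in an OOXML file."""
    # For untrusted files, a hardened XML parser such as defusedxml is preferable.
    found = []
    with zipfile.ZipFile(io.BytesIO(doc_bytes)) as zf:
        for name in zf.namelist():
            if not name.endswith(".rels"):
                continue
            root = ET.fromstring(zf.read(name))
            for rel in root.iter(f"{{{PKG}}}Relationship"):
                if rel.get("TargetMode") == "External":
                    kind = rel.get("Type", "").rsplit("/", 1)[-1]
                    found.append((name, kind, rel.get("Target", "")))
    return sorted(found)

def flag_links(targets, allowed_hosts):
    """Keep links whose host is not on the allow list (an assumed local policy)."""
    flagged = []
    for _part, kind, target in targets:
        host = (urlparse(target).hostname or "").lower()
        if host not in allowed_hosts:
            flagged.append((kind, target))
    return flagged

def build_sample_docx():
    """Constructed sample: a minimal .docx-style ZIP holding only a relationships part."""
    rels = (
        f'<Relationships xmlns="{PKG}">'
        f'<Relationship Id="rId1" Type="{DOC}/styles" Target="styles.xml"/>'
        f'<Relationship Id="rId2" Type="{DOC}/hyperlink" TargetMode="External" '
        'Target="https://intranet.example.com/policy"/>'
        f'<Relationship Id="rId3" Type="{DOC}/hyperlink" TargetMode="External" '
        'Target="http://files.example.net/invoice"/>'
        '</Relationships>'
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/_rels/document.xml.rels", rels)
    return buf.getvalue()

if __name__ == "__main__":
    links = external_targets(build_sample_docx())
    for kind, target in flag_links(links, {"intranet.example.com"}):
        print(f"review before opening: {kind} -> {target}")
```

The same check can run on a mail gateway or file share, with flagged documents held for review rather than delivered.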
Of course, profit is the name of the game. While third parties want to hijack networks for a ransom, that hasn’t slowed cryptojacking. Cryptojacking is a method where a browser or system is unknowingly infected with a “cryptominer,” a piece of software or an add-on which performs small operations. These operations are traded for small percentages of cryptocurrencies.
Naturally, vulnerable networks and remote-worker systems are prime targets for this. As cryptocurrency continues to grow in value, these operations are likely to continue. It’s worth checking your systems for any unusual activity or excessive resource use.
Attack surface increase
An attack surface is made up of the potential vectors for an intrusion. That could be a mobile device, WAN, or unsecured computer. Today, though, that’s increased with the rise of IoT (Internet of Things). Smart devices exist by the hundreds, using network connections to perform tasks. Each of these devices, like anything, needs firmware updates for performance and security, but they aren’t always updated. Therefore, any unsecured device creates a weak point.
Businesses using smart devices or IoT devices for meetings and organizations have these entry points, adding to the cybersecurity strain.
Lastly, it’s not always SMBs that are put in the crosshairs. Major industries – medical included – have seen startling ransomware attacks, regardless of the human cost.
They’re natural targets, as medical networks and hospitals rarely have a choice when dealing with threat-actors, relying on their systems to aid patients. Healthcare attacks were up by 123%, and government networks also fell under siege (you’ll no doubt remember the SolarWinds hack).
From all this, one thing is certain: chaos and confusion are the perfect ecosystems for malicious parties, and no matter who is affected, they’ll take advantage.
If you’re concerned with these attacks and want to protect your network, consider getting help. Contact Bytagig today for additional information.