In its Cyber Threat Report 2020, our cyber security partner Acronis states that more than 30% of companies worldwide are the victims of attacks by cyber criminals at least once a day. With more people switching to working from home last year, the pandemic created even more security problems. Criminals responded quickly to this new situation and modified proven methods, such as phishing, ransomware and malware strategies, accordingly. An increased number of DDoS attacks and attacks on video conferences were also recorded.
The following trends emerged in 2020.
A focus on COVID-19 in phishing mails
A Corona subgenre clearly manifested itself in phishing e-mails in 2020. The mails lured recipients with solutions for remote learning, free COVID tests and fake documents for purported financial aid. In a targeted campaign in the German state of North Rhine-Westphalia, fraudsters gathered personal data and then submitted fake applications. According to Acronis, up to € 100 million was thus lost.
Working from home – the weak link
During the pandemic, people working from home became a security problem for companies. Safeguards and training for the staff created the most difficulties. Private computers, remote access to servers and virtual conferences made security measures even more problematic. The fact that teams suddenly only communicated on a virtual basis helped to increase the success rate of phishing mails that lured recipients with links to urgent meetings or purportedly shared cloud documents.
Cyber Protect Cloud – the secure solution
More attacks on cloud services and managed service providers
Acronis also identified an increase in attacks on managed service providers (MSP). With just one hack, cyber criminals could thus collect the data and login details of multiple companies. The rushed switch to working from home probably also meant that cloud settings were configured too hastily in some cases. This made it easier for criminals to gain access to unprotected applications and data services on the internet.
Malware as a “business model”
Encryption and extortion in connection with confidential data is a lucrative industry. The already successful ransomware model has now also developed into a comprehensive service for cyber criminals (ransomware as a service, RaaS). According to the FBI, one ransom group was already earning approximately $ 3 million per month in 2019. For criminals, extortion involving the threat of releasing confidential data will remain an attractive "business model." Consequently, data protection as well as data loss and leak prevention will become even more crucial in 2021.
For smaller companies and private households
Backups – the target of attacks
Backups have proven effective in the event that data is lost but they are now increasingly the focus of ransomware attacks which attempt to delete copies or disable backup solutions. Services with a self-protection function are therefore a “must”.
To sum the situation up, continue to be vigilant in 2021 and boost your IT security. Cyber criminals are constantly improving and automating their processes. In addition to identity and access management, the protection of your backups should also be given top priority.
Click here to read the full Acronis Cyber Threat Report 2020.