The new normal landscape has generated a surge of sophisticated Gen V cyber-attacks. As organizations adapted to remote work and all of its digital implications, cyber criminals seized on the global crisis to launch a series of large-scale cyber exploits.
Double extortion refers to a multi-stage ransomware attack that emerged in late 2019. It combines encryption of the victim’s files – the ‘traditional’ ransomware attack – with a threat to release sensitive corporate files to the public unless the ransom is paid within the designated timeframe. The attackers collect the files when they gain access to the victim’s network, prior to the encryption stage. Double extortion has become a “new normal” tactic in targeted attacks on all sectors.
Many malware families were able to maintain their global rank from 2019, with only slight movements up or down. AgentTesla and Formbook, two commodity info-stealers, climbed from the lower ranks to the top five. Drive-by cryptominers like Cryptoloot moved down or dropped from the top 10 altogether.
The COVID-19 pandemic has driven a systematic shift in corporate network architecture. The urgent need for remotely administered, agile, and scalable networks has accelerated moves to cloud infrastructure, which allows flexibility in scale and resource management and is accessible from anywhere. Attackers have taken note of this massive migration to hybrid cloud technologies. Essentially, there is a shift to attacking cloud accounts instead of cloud resources.
The increased use of mobile devices during the lockdown and social distancing may also be responsible for the substantial growth in banking Trojan malware families.
As well as the introduction of several malicious applications masquerading as legitimate coronavirus-related apps, there was increasing concern over data privacy issues in the official tracking applications developed by national governments.
The Iranian Rampant Kitten APT threat actor used a combination of fake mobile applications, Windows infostealers, and Telegram phishing pages.