Securing the Pandemic-Disrupted Workplace Trend Micro 2020 Midyear Cybersecurity Report Validshopsu, lampeduzacc

In our annual predictions for 2020, we were able to forecast a new norm in the cybersecurity landscape. Still, no one could have anticipated that these changes would affect not just cybersecurity, but also healthcare, business, and other industries as well. Notably, there is a singular cause behind all these changes in cybersecurity: the coronavirus pandemic.
At a time when many business operations are immobilized or even on the verge of shutdown, cybercriminals continue to thrive. Operators, both known and emerging, take advantage of the current crisis by coming up with novel threats and strengthening existing ones. Even with fewer detections, ransomware remains a threat as operators arm malware with new capabilities to aim for bigger targets. Additionally, security researchers race to patch recently uncovered vulnerabilities.
Our midyear roundup examines pressing security issues during the first half of this year and offers recommendations to help enterprises secure their systems in the new normal terrain.
Referencing Covid-19 is one of the latest social engineering lures used by cybercriminals. We have witnessed a surge of nearly 9 million Covid-19-related threats from January to June 2020. These threats are delivered via email, URLs, or malicious files that mention the pandemic either blatantly or more subtly, as a factor affecting business services.
Email was the most used entry point, making up 91.5% of detections for Covid-19-related threats. The numbers started rising in March and peaked in April. Some of the emails we observed include those that pose as health advisories or donation requests. These usually have attachments that carry malware.
With businesses shifting to remote work due to the pandemic, cybercriminals went after tools used in these environments, such as video conferencing apps. Some attacks involve crashing private video conferencing calls or baiting users with malicious domains.
We also found malware families such as a Coinminer and WebMonitor RAT bundled with video conferencing app installers, as well as a case where malware ( Backdoor and Devil Shadow Botnet ) disguised themselves as fake installers. Users are advised to download applications or programs only from official download centers and app stores to avoid getting compromised.
With or without a pandemic, it’s business as usual for threat groups, as proven by several noteworthy campaigns spotted in the first half of 2020. Both known and new threat actors made their presence felt by either showcasing novel techniques or expanding to new platforms.
Ransomware detections might have decreased, but this does not mean that the malware type is any less of a threat. It is possible that ransomware attacks have gotten even stealthier as operators aim for larger targets and heftier sums.
We have observed an increase in ransomware demands that target companies in critical industries such as logistics, technology, and government. The average ransom demand for a Ryuk infection rose by around 62.5%.
Average ransom demand (4th quarter, 2019)
Average ransom demand (1st quarter, 2020)
On the other hand, some ransomware families now focus on private enterprises. Operators behind Nemty, for instance, have shifted their sights to private companies instead of public ones in their Ransomware-as-a-Service (Raas) operations.
Following last year’s trend, ransomware has also been bolstered with new abilities; currently, many ransomware families do not just encrypt files, but also steal data.
Since February of this year, Microsoft has released an estimated 100 fixes for vulnerabilities every month, with June having the highest number at 129. In previous years, the patches released rarely came close to a hundred.
Other notable vulnerabilities involve virtual private networks (VPNs). The US Cybersecurity and Infrastructure Security Agency (CISA) warned about the continued exploitation of CVE-2019-19781 and CVE-2019-11510 . This development might be attributed to the fact that VPNs are now more widely used for work-from-home setups.
For the first half of 2020, we have witnessed a 16% increase in the number of industrial control system (ICS) vulnerabilities disclosed to Zero Day Initiative (ZDI) compared with the same period last year.
A few of the notable IIoT vulnerabilities for the first half of the year include URGENT/11 , which are vulnerabilities that put medical devices at risk, and Ripple20 , which are vulnerabilities that can infiltrate a variety of IoT devices in diverse industries.
The Trend Micro™ Zero Day Initiative program published a total of 786 advisories for the first half of 2020, a staggering 74% increase from the figures from the second half of 2019. The vulnerabilities were sourced both from vendors and independent researchers.
Email threats blocked
Malicious files blocked
Malicious URLs blocked
Email reputation queries
File reputation queries
URL reputation queries
The first half of the year has seen challenges brought about both by consistent efforts and opportunistic ventures made by threat actors. To be constantly and thoroughly prepared for the ever-evolving nature of threats, enterprises should adopt a multilayered security strategy to ensure that all possible entry points such as gateways, networks, servers, and endpoints are secured against attackers.
For deeper insight into threats and other cybersecurity issues for the first half of 2020, read our full report, “Securing the Pandemic-Disrupted Workplace: Trend Micro 2020 Midyear Cybersecurity Report” .
Like it? Add this infographic to your site:1. Click on the box below.   2. Press Ctrl+A to select all.   3. Press Ctrl+C to copy.   4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
In the first half of this year, cybersecurity strongholds were surrounded by cybercriminals waiting to pounce at the sight of even the slightest crack in defenses to ravage valuable assets. View the report
The upheavals of 2020 challenged the limits of organizations and users, and provided openings for malicious actors. A robust cybersecurity posture can help equip enterprises and individuals amid a continuously changing threat landscape. View the 2020 Annual Cybersecurity Report
Validshopsu lampeduzacc