The entire world is on the brink of returning to their routines even when the threat of COVID-19 still persists. In such a scenario a lot of organizations will opt to allow their employees to continue working from the confines of their homes. However, their security teams should note that even though working from home has become the new normal, the risk of cyber threats has considerably increased as threat actors continue to prey on the fear of the masses.
Consequently, with the help of our security experts, we take a look at what has transpired in the threat landscape over the course of the last five months.
Since the global outbreak of the COVID-19 pandemic, millions of employees who have resorted to working from home have been accessing the organization’s resources through VPNs, video conferencing apps, and other cloud-based systems. This has, however, given cybercriminals various opportunities to deploy campaigns against these tools in order to gain access to the organization’s networks and machines.
- Researchers have reported a massive rise in cloud-based cyber attacks in the first four months of the year 2020. This cyber-attacks targeted cloud accounts with important credentials and other cloud-based services.
- To lure victims in various phishing and malware attacks, cybercriminals have also impersonated various video conferencing apps.
- In addition, to spreading malware or tricking users in various scams, cyber-attack campaigns that leveraged fake VPN apps and unpatched VPN’s were also executed.
- Since the start of the outbreak, around 100,000-150,000 attacks on the Remote Desktop Protocol (RDP).
This period of pandemic also saw cybercriminals deploy old malware with brand new campaigns, to prey on people’s fear, confusion and uncertainty. In recent times, a variety of keyloggers, ransomware, and data stealers were noticed.
According to researchers, activities of backdoor malware NetWiredRC, which was last spotted in 2019 spiked by 200% during this pandemic period. The detection of the AveMaria Trojan also spiked by 110% in this period. This Trojan along with its ability to steal passwords can provide remote desktop access and remote webcam control. Another invasive Trojan, the Danabot which is an information stealer Trojan can swipe online banking account details and this period saw its activity rise by 160%.
Other information-stealing malware like TrickBot, LokiBot, and AZORult also made comebacks during this period.
Cybercriminals found a new method to deliver their attacks in this time frame by hiding it in COVID-19 maps. However, phishing campaigns were still the most popular mode of delivery of an attack. Attacks on online retailers and banks increased by 20% during the pandemic, putting home shoppers at a greater risk than ever.
To read more, please check eScan Blog
