Image courtesy: SonicWall
The prolonged work-from-home spell across India resulted in a sharp 65% decline in the volume of malware infection over the first six months of 2020, though this drop did not make the internet a safer place for people, a recent report suggests.
In its mid-year update to the 2020 Cyber Threat Report, SonicWall Capture Labs highlighted an increase in ransomware during the same timeframe, besides malware attacks on IoT devices, an opportunistic use of Covid-19 pandemic, besides continued systemic weaknesses and a growing reliance on Microsoft Office files by cybercriminals as the major trends of the times.
And so it was that though India’s malware rates had plummeted in April, by June it had nearly reached Q1 levels, says the report which analyzed threat intelligence data gathered from 1.1 million sensors in over 215 countries and territories. Few salient features of the mid-year update to the 2020 SonicWall Cyber Threat Report are:
- 24% drop in malware attacks worldwide
- 50% rise of IoT malware attacks
- 7% of phishing attacks capitalized on COVID-19 pandemic
- 176% increase in malicious Microsoft Office file types
The Lockdown Effect
Commenting on the cyber threat landscape, Debasish Mukherjee, SonicWall Vice President of Regional Sales, APAC, said, “With more people working from home during the COVID-19 pandemic, the abrupt shift to remote working has sparked an unprecedented increase in cyber threats as opportunistic hackers take advantage of the boundaryless ecosystem.”
“Exploiting the new raft of vulnerabilities in less secure situations and preying on fear, cyberspace has seen a significant jump in phishing during global shelter-in-place orders in March and ransomware through the first half of 2020. Cybercriminals are also increasingly using non-standard ports to evade detection and deploy malware, despite a continuation of a downward trend in malware volume since November 2019 and a 32% decline in encrypted threats,” he says.
Some Quick Numbers
During the first half of 2020, global malware attacks fell from 4.8 billion to 3.2 billion (-24%) over 2019’s mid-year total. This drop is the continuation of a downward trend that began last November.
There are regional differences in both the amount of malware and the percentage change year over year, highlighting shifting cybercriminal focus. For example, the United States (-24%), United Kingdom (-27%), Germany (-60%) and India (-64%) all experienced reduced malware volume.
The IoT Threat Grows
Work-from-home (WFH) employees or remote workforces can introduce many new risks, including Internet of Things (IoT) devices like refrigerators, baby cameras, doorbells or gaming consoles. IT departments are besieged with countless devices swarming networks and endpoints as the footprint of their corporate expands beyond the traditional perimeter.
Researchers at SonicWall found a 50% increase in IoT malware attacks, a number that mirrors the number of additional devices that are connected online as individuals and enterprise alike function from home. Unchecked IoT devices can provide cybercriminals an open door into what may otherwise be a well-secured organization.
While instituting widespread work-from-home policies to help reduce the risk of contracting the coronavirus, the pandemic has proven lucrative for cyberattackers. Recognising the heightened cyber risks is important for companies working remotely, especially without the full protection of corporate firewalls and other security measures. In this hyper-distributed IT reality, businesses should adopt a fundamentally new approach to mitigate cyber threats and have an elaborate cybersecurity model to do so, he said.
Email and Phishing
The combination of the global pandemic and social-engineered cyberattacks has proven to be an effective mix for cybercriminals utilizing phishing and other email scams. Dating as far back as February. 4, SonicWall researchers detected a flurry of increased attacks, scams and exploits specifically based around COVID-19 and noted a 7% increase in COVID-related phishing attempts during the first two quarters.
As expected, COVID-19 phishing began rising in March, and saw its most significant peaks on March 24, April 3 and June 19. This contrasts with phishing as a whole, which started strong in January and was down slightly globally (-15%) by the time the pandemic phishing attempts began to pick up steam.
The Microsoft Office Pandemic
Microsoft Office is a necessity with millions of employees now more remote and dependent on the business productivity suite of applications. Cybercriminals were quick to leverage this shift, as SonicWall threat researchers found a 176% increase in new malware attacks disguised as trusted Microsoft Office file types.
Leveraging SonicWall Capture Advanced Threat Protection with Real-Time Deep Memory Inspection technology, SonicWall discovered that 22% of Microsoft Office files and 11% of PDF files made up 33% of all newly identified malware in 2020. The patent-pending RTDMI™ technology identified a record 120,910 ‘never-before-seen’ malware variants during that time — a 63% increase over the first six months of 2019.