Releasing its annual mid-year roundup report on Thursday, global cloud security vendor Trend Micro said cybercriminals shifted their focus from January through June to take advantage of global interest in the pandemic - and the risk to businesses was compounded by security gaps created by a completely remote workforce.
“The pandemic has dominated all of our lives during the first half of 2020, but it’s not slowing down the cybercriminals,” said Jon Oliver, Director and Data Scientist, Trend Micro.
“IT leaders must continue to adapt their cybersecurity strategies to account for increased threats to their new normal. That means protecting remote endpoints, cloud systems, user credentials and VPN systems, as well as refreshing training courses to turn that newly dispersed workforce into a more effective first line of defense.”
In total, Trend Micro reports that it blocked 27.8 billion cyber threats in the first half of 2020, 93% of which were email-borne.
And the security firm says that among all the threats in the first half of the year, ransomware was a constant factor - and although the number of detected ransomware threats decreased, it saw a 36% increase in new ransomware families compared to the same time last year.
"COVID-19 has reinforced the need for cybersecurity to be on the agenda, particularly as the pandemic forced Australian organisations to reconsider how and where they work," Oliver said.
"We've seen malicious actors take advantage of the situation by diversifying attack tactics, particularly in the form of malware attacks and COVID-19 related malicious URLs."
Oliver points out that global organisations have also been burdened by a significant spike in newly disclosed vulnerabilities. Trend Micro’s Zero Day Initiative (ZDI) published a total of 786 advisories, representing a 74% increase from the second half of 2019. Some of these came as part of Microsoft Patch Tuesday updates, which have fixed an average of 103 Common Vulnerabilities and Exposures (CVEs) per month so far in 2020, including the largest number of patches ever issued in a single month (129) in June.
“With many Australian organisations continuing to rely on remote workers as the new normal, it is important for security leaders to have complete visibility over the vulnerability and CVE landscape,” Oliver added.
“We’re seeing ongoing widespread attempts to exploit internet-facing devices, so it’s imperative organisations monitor CVEs and are prepared with a strong patching strategy to ensure software is up to date.”
Trend Micro reports that it also observed a 16% increase in vulnerabilities disclosed in industrial control systems (ICS), compared to the first half of 2019, which could create major challenges for smart factory owners and other organisations running IIoT environments.
“To effectively protect dispersed corporate networks, Gartner recommends businesses ‘refine security monitoring capabilities to reflect an operating environment where network traffic patterns, data and system access vectors have changed due to increased remote and mobile operations,’” Trend Micro said.
“Trend Micro XDR helps customers do exactly that by correlating security events across the entire IT environment, which is critical for holistic protection in the second half of 2020.”