July 22, 2020
In the past six months, the way we live and work has changed beyond recognition. To put it simply – life on earth has gone online. The change was not gradual but happened seemingly overnight. Almost everything is different now, from the way we conduct relationships,
work or even do our grocery shopping. Changes of the same order of magnitude can be found in the cyber arena.
The new normal has created challenges alongside opportunities. Infrastructure changes made by companies to allow remote access have also required threat actors to adapt to a hybrid world that integrates cloud technologies. In addition, the rapid spread of the
corona virus and global research efforts to find a vaccine have created new phishing options and made medical research institutions a sought-after target for criminal and state actors.
We will address these effects and more aspects of the threat landscape, while providing examples and statistics of real world events.
Here are some of the cyber attacks trends we discuss:
Double Extortion
Ransomware actors have adopted a new strategy; in addition to making the victim’s files inaccessible, they now exfiltrate large quantities of data prior to its encryption in the final stage of the attack. Victims who refuse payment demands find their most sensitive data publicly displayed on dedicated websites.
Cyber Warfare
Nation-state cyber activity has seen a surge in intensity and escalation in severity. In times when traditional tactics to gather intelligence and knowledge are no longer feasible due to social distancing, the use of offensive cyber weapons to support national missions appears to have expanded. The goal may be better understanding of the Corona virus or securing intelligence operations, and countries and industries are the targets.
Mobile
Threat actors have been seeking new infection vectors in the mobile world, changing and improving their techniques to avoid detection in places such as the official application stores. In one innovative attack, threat actors used a large international corporation’s Mobile Device Management (MDM) system to distribute malware to more than
75% of its managed mobile devices.
Cloud
Industries were required to make rapid infrastructure adjustments to secure their production when working remotely. In many cases, this would not have been possible without cloud technologies. However, it also exposed more misconfigured or simply unprotected assets to the internet. In addition, for the first time, alarming vulnerabilities
were revealed in Microsoft Azure infrastructure that could enable invaders to escape VM infrastructure and compromise other customers.