'Organizations with reliable backups and effective restoration procedures are in a strong position to recover from a ransomware attack without having to pay. However, managing a potential data leak is a dramatically different challenge, especially for organizations that possess confidential information,' explained Calvin Gan, a Senior Manager with F-Secure's Tactical Defense Unit. 'Ransomware actors, current and future, will likely feel emboldened to try new things and jump on vulnerabilities faster, which we're already seeing with the recent MS Exchange vulnerabilities.'

Based on developments in the latter half of 2020, the report highlights several other significant cyber security trends, including:

  • Attackers' use of Excel formulas - a default feature that cannot be blocked - to obfuscate malicious code tripled in the second half of 2020.
  • Outlook was the most popular brand spoofed in phishing emails, followed by Facebook Inc. and Office365.
  • Nearly three-quarters of domains used to host phishing pages were web hosting services.
  • Email accounted for over half of all malware infection attempts in 2020, making it the most common method of spreading malware in cyber attacks.
  • Malware that automatically collects data and information from victims (infostealers) continues to be a threat; the two most prevalent malware families in the latter half of 2020 were both infostealers (Lokibot and Formbook).
  • 61% of vulnerabilities found in corporate networks were disclosed on or before 2016, making them at least 5 years old.

Additionally, in a retrospective look at the notable supply chain attacks from the last 10 years, the report highlights that over half of them targeted either utility or application software and expresses hope that last year's SolarWinds hack draws greater attention to the impact these attacks can have.

'In security, we place a lot of emphasis on organizations protecting themselves by having strong security perimeters, detection mechanisms to quickly identify breaches, and response plans and capabilities to contain intrusions. However, entities across industries and borders also need to work together to tackle security challenges further up the supply chain. Advanced persistent threat groups are clearly ready and willing to compromise hundreds of organizations through this approach, and we should work together to counter them,' said Gan.

The full report, Attack landscape update: Ransomware 2.0, automated recon, supply chain attacks, and other trending threats, is now available at https://blog.f-secure.com/attack-landscape-update-h1-2021/.

Attachments

  • Original document
  • Permalink

Disclaimer

F-Secure Oyj published this content on 30 March 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 30 March 2021 07:24:06 UTC.