Ransomware, Phishing Will Remain Primary Risks in 2021

  /     /     /  
Publicated : 23/11/2024   Category : security


Ransomware, Phishing Will Remain Primary Risks in 2021


Attackers have doubled down on ransomware and phishing -- with some tweaks -- while deepfakes and disinformation will become more major threats in the future, according to a trio of threat reports.



Cybercriminals and nation-states have doubled down and improved on popular attacks, targeting companies with double-extortion ransomware attacks, adopting various COVID-19-themed lures for phishing, and taking advantage of cybersecurity chaos following the move to remote work, according to three threat reports published this week. 
Ransomware made up nearly a quarter of the incident-response engagements for IBM Securitys X-Force threat intelligence group. Fifty-nine percent of the ransomware incidents involved cybercriminals exfiltrating, before encrypting, the data — so-called double-extortion attacks, according to the X-Force Threat Intelligence Index 2021 report. The most common ransomware group, dubbed Sodinokibi, raked in more than $123 million in profits during 2020, according to the companys calculations.
The use of double-extortion ransomware attacks and the focus on large companies and big scores will continue in 2021, says Nick Rossmann, global threat intelligence lead for IBM Security X-Force.
Double extortion is the trend that attackers have gone to in 2020 because the attack circumvents the defenses, like backups and a good incident response strategy, that companies have put into place, he says. This shift is a natural evolution of where attackers are going to go in response to companies defenses.
In separate threat reports published by
IBM
, anti-malware firm
Trend Micro
, and endpoint security firm
BlackBerry
, many of the same themes emerge. Ransomware dominated all, with Sodinokibi and Ryuk headlining lists of top ransomware campaigns, but relative newcomers Egregor and DoppelPaymer were also on the list. 
Attackers focus on stealing and encrypting data at larger enterprises has led to an increase in ransoms, with one insurance company noting the average ransom doubled from 2019 to the first quarter of 2020, according to Trend Micros 2020 Annual Cybersecurity Report. The top ransomware family, however, was not a new threat: The WannaCry crypto-ransomware worm, which
automatically infected systems in May 2017
, continues to scan for unpatched computers. 
WannaCry, aside from being the top malware family, is the only ransomware in the list [of top malware], Trend Micro states in its report. Cryptocurrency miners as a whole are in second place, showing how prevalent they had become.
While many companies have seen ransomware on the rise, the number of attempted ransomware attacks — as measured by the number of e-mail messages with malicious links or malware connected to ransomware — has dropped. The decline is not because the threats have decreased, says Jon Clay, director of global threat communications at Trend Micro.
If you look at the ransomware numbers, that number is actually down year-over-year because the tactics have shifted, he says. We have moved from the spray-and-pray ransomware attacks to the much more targeted approach by the ransomware actors.
The notable exception is the 4-year-old WannaCry ransomware worm, which still creates the most malicious traffic, according to Trend Micro, which sees such encounters because its data is collected from endpoints.
Phishing attacks aimed at either stealing credentials or as part of a business e-mail compromise (BEC) scheme continue to be popular. With many employees working from home, they presented more of an opportunity for attackers, BlackBerry states in its 2020 Threat Report.
Software-as-a-service (SaaS) applications and Webmail remained the most targeted services for phishing attacks, dominating others throughout the year, according to the report. Financial and payment sectors ranked in the second and third positions.
Traditional exploits continued to be a common attack vector, claiming the top slot in the IBM report. While ransomware and phishing both climbed, IBM Securitys X-Force found 35% of investigated incidents leverage vulnerabilities in the attack. The company also found attacks on Linux vulnerabilities had increased. 
A lot of companies are moving to the cloud, so there is a lot of data there, says IBM Security X-Forces Rossmann. In addition, the majority of Linux-based malware is cryptocurrency miners. So the Bitcoin market is driving attackers to move into Linux and try to exploit cloud services.
Looking to the future, disinformation and the threat of deepfakes are perhaps the most significant threats. Already,
deepfakes are being used to enhance business scams
, allowing cybercriminals to produce the voice of CEOs requesting a payment made to an attackers account.
Put together, deepfakes and disinformation will hobble national efforts to prepare for a variety of threats, from future pandemics to cybersecurity and national security issues, says Eric Milam, a threat researcher with BlackBerry. 
What do we do when what you see is a complete misinformation campaign, but it is so well done that you dont know it is a misinformation campaign, and those people who want to believe it now have a level of confidence that they would not have had in the past? he says. That is a threat to us as human beings, and we have no way to deal with that right now.
Milam predicts that machine-learning models will be the only way to defend against such threats in the future.

Last News

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Ransomware, Phishing Will Remain Primary Risks in 2021