One of the biggest threats to your network is cyberattacks, which are growing more and more sophisticated every day.
According to the Microsoft Digital Defense Report, the first half of 2020 saw an approximate 35% increase in total attack volume compared to the second half of 2019. How else have cyberattacks evolved? Check out these important insights from the report.
Sophisticated Techniques
Cybercriminals have rapidly evolved their techniques, moving quickly to experiment with different social engineering techniques and find new ways to hide their work. With the COVID-19 pandemic specifically, Microsoft said it saw attackers switch lure themes daily to align with news cycles. Adversaries crafted lures around worldwide concern over COVID-19, broadly targeting consumers and specifically targeting industries, such as healthcare.
Unlike past years when cybercriminals focused on malware attacks, today’s attackers have shifted their focus to phishing attacks, which now account for approximately 70% of cyberattacks. To trick people into giving up their credentials, attackers often send emails imitating top brands, such as Microsoft, Amazon, and Apple, to trick people into giving up their credentials. They are also morphing their attack campaigns to evade detection.
Shifting Targets
In addition to refining their techniques, cybercriminals who are nation-state actors are shifting their targets to align with the evolving political goals in the countries where they originate. According to Microsoft’s report, nation-state actors targeted customers involved in the global COVID-19 response efforts and used the crisis to expand their credential theft and malware delivery tactics.
These COVID-themed attacks targeted prominent governmental healthcare organizations and the academic and commercial organizations they worked to perform reconnaissance on their networks or people.
Nation-state actors are targeting more than critical infrastructure, however, and recent changes in targets suggest that they are focusing on organizations involved in public policy and geopolitics. Microsoft reports that 90% of its nation-state notifications in the past year have been to organizations such as nongovernmental organizations (NGOs), advocacy groups, human rights organizations, and think tanks focused on public policy, international affairs, or security.
Ransomware
Cybercriminals have a long history of using ransomware, but these attacks continue to develop in complexity. Attack patterns reflect that cybercriminals know when there will be change freezes, like holidays, that will impact an organization’s ability to make changes to harden their networks. They know when there are business needs that will make organizations more willing to pay ransoms than incur downtime, such as during billing cycles.
These ransomware attackers have also used the COVID-19 pandemic as an excuse to reduce the amount of time they spend compromising and exfiltrating data within a victim’s system, apparently believing that there would be an increased willingness to pay as a result of the crisis. Microsoft reports that, in some instances, cybercriminals went from initial entry to ransoming the entire network in under 45 minutes.
Work from Home
The COVID-19 pandemic accelerated the work-from-home trend, which has led to an increase in distributed denial of service (DDoS) attacks and insider threats. Microsoft observed an increase in identity-based attacks using brute force on enterprise accounts during the first half of 2020.
This attack technique uses systematic guessing, lists of passwords, dumped credentials from previous breaches, or other similar methods to forcibly authenticate to a device or service. This means it is essential for organizations to implement multi-factor authentication.
Given the rapid evolution of cyberattacks, all organizations must invest in people and technology to help stop attacks. ATSG’s Security Investigations will determine where your organization and network are most at risk, providing you with powerful insights as to how you can better protect your business.
ATSG won’t leave the task of fixing these vulnerabilities yourself, though. Our rediSecure services encompass the complete IT security lifecycle. We’ll help you eliminate vulnerabilities, stop attacks in their tracks, and quickly get you on the path to recovery should your business be impacted.
ATSG—Transforming the customer experience through tech-enabled managed services
Today’s choices for mobility, cloud, infrastructure, communications, applications, and operations are mission-critical for small, mid-sized, and large enterprises.
ATSG, Inc., is leading the transformation into technology solutions as a service with our tech-enabled managed services portfolio and a commitment to technology innovation, operational excellence, and client intimacy.
Recognized by industry leaders and industry-leading publications, ATSG has over 25 years of operating history delivering exceptional client experiences that directly result in competitive advantage, cost savings, growth, and improved operational efficiencies.
Visit ATSG.net, email [email protected], call (914) 517-2919, or visit one of our five tri-state locations today for more information.
