Detected Cyber Threats Rose 20% to Exceed 62.6 Billion in 2020

Trend Micro’s annual roundup report can guide strategic security planning for the new year

SYDNEY, 25 February, 2021 – Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global leader in cybersecurity solutions, today announced it detected 119,000 cyber threats per minute globally in 2020 as home workers and infrastructure came under new pressure from attacks. This insight and many others come from Trend Micro’s 2020 roundup report, A Constant State of Flux: Trend Micro 2020 Annual Cybersecurity Report (https://www.trendmicro.com/vinfo/au/security/research-and-analysis/threat-reports/roundup/a-constant-state-of-flux-trend-micro-2020-annual-cybersecurity-report).

The report also shows that home networks were a major draw last year for cybercriminals looking to pivot to corporate systems, or compromise and conscript IoT devices into botnets. Trend Micro found attacks on homes surged 210% to reach nearly 2.9 billion—amounting to 15.5% of all homes globally. The vast majority (73%) of attacks on home networks involved brute forcing logins to gain control of a router or smart device.

Globally, email-borne threats made up 91% of the 62.6 billion threats blocked by Trend Micro last year, indicating that phishing attacks continued to be hugely popular. The company detected nearly 14 million unique phishing URLs in 2020 as attackers targeted distracted home workers. In Australia, phishing continued to be a prevalent threat vector in 2020, and COVID-19 related phishing scams targeting Australians accounted for 4.7% of global attempts, meaning Australians had to stay vigilant of new and emerging threat tactics. COVID-19-related malicious URLs and spam were a preferred avenue of attack on Australians, likely because of their accessibility and high return rate.

“In 2020, businesses faced unprecedented threat volumes hitting their extended infrastructure, including the networks of home workers. Familiar tactics such as phishing, brute forcing and vulnerability exploitation are still favored as the primary means of compromise, which should help when developing defenses,” said Dr Jon Oliver, Director and Data Scientist, Trend Micro. “Australian organisations have now had time to understand the operational and cyber risk impact of the pandemic. The new year is a chance to adjust and improve with comprehensive cloud-based security to protect distributed staff and systems.”

“As the vaccine begins to roll out in Australia, all eyes are on a successful implementation, meaning the supply-chain is an easy target for cybercriminals to take advantage of,” continued Dr. Oliver. “As these types of attacks continue to be a preferred method by malicious actors, it’s important for organisations to evaluate the security of their suppliers and other partners and work together to create a strong defence strategy against these attacks.”

Other global key trends included:

• Newly detected ransomware families increased 34%, with “double extortion” attacks – where attackers steal data before encrypting it to force payment by threatening to release the stolen information – and more targeted threats becoming increasingly popular. Government, banking, manufacturing and healthcare were the most targeted sectors.
• The number of vulnerabilities published by the Zero Day Initiative (ZDI) increased 40% year-on-year, but Trend Micro continues to see flaws from as far back as 2005 being heavily exploited.
• Many attacks targeted flaws in VPNs used by remote workers. CVE-2019-11510, a critical arbitrary file disclosure flaw in Pulse Connect Secure, already has nearly 800,000 hits based on Trend Micro customer data.
• Cloud service misconfigurations increasingly had consequences in 2020. Trend Micro observed exploitation of unsecured APIs in several cryptocurrency mining attacks.
• The ZDI published 1,453 vulnerability advisories, nearly 80% of which were rated as Critical or High severity.

 

About Trend Micro

Trend Micro, a global leader in cybersecurity, helps make the world safe for exchanging digital information. Leveraging over 30 years of security expertise, global threat research, and continuous innovation, Trend Micro enables resilience for businesses, governments, and consumers with connected solutions across cloud workloads, endpoints, email, IIoT, and networks. Our XGen™ security strategy powers our solutions with a cross-generational blend of threat-defence techniques that are optimised for key environments and leverage shared threat intelligence for better, faster protection. With over 6,700 employees in 65 countries, and the world’s most advanced global threat research and intelligence, Trend Micro enables organisations to secure their connected world. http://www.trendmicro.com.au/