Cyber attacks are dangerous by compromising sensitive information and company assets, endangering customers, and ruining business reputation. Large enterprises and companies are especially attractive targets for cybercriminals.
As a rule, their computer systems contain a tremendous amount of information that is not always adequately protected. As could be seen from reviews of PC Matic by Nathan Collier, the protection can be granted by the cybersecurity suites. The reason is that cyberattacks usually affect a storage medium specially designed for storage, processing, and transfer of the user’s data. The software can prevent possible harm, which is pretty common due to the recent events.
Global Trend
Attacks against global industrial companies have increased in frequency in 2020 by almost two times compared to last year. And spring 2020 was the record for the number of successful cyber attacks carried out by hackers. About half of all malware attacks were carried out by ransomware, the rest by spyware Trojans.
Ransom managers and cyber-espionage APT groups are showing the most interest in the industrial sphere. The initial vectors of penetration while attacking the industrial sector were phishing emails (over 80% of the total number of attacks) and network perimeter vulnerabilities (less than 20%).
The most dangerous ransomware attacks in 2020
The ransomware attacks are one of the fastest-growing areas of the cybercriminal business nowadays. Blackmailing of victim’s data in case of refusing to pay the ransom is churning out. Ransomware can be a problem for companies, financial, educational institutions, and the healthcare system. Cybersecurity specialists have proved that this malware family can easily disable the necessary infrastructure of the whole city.
Having penetrated the victim computer, the malware encrypts information of the most common formats: work files, media, archives. In other words, everything belonging to the most sensitive data for the user that is either office or personal information. It’s not even about the ransom, money delivery mechanisms are quickly blocked, and everyone understands this.
As practice shows, cybercriminals’ most successful attacks were carried out using new and unique Trojans with a well-thought-out transmission strategy. This means that it was the result of the work of a whole group of qualified specialists.
The most significant ransomware attacks in 2020 were:
- One of the largest construction companies in France, Bouygues Construction, became a victim of a ransomware virus found in the corporate network.
- Fresenius Group was attacked and at least one of the company’s IT systems infected.
- Ransomware disabled the IT system in three Honda factories forcing the company to stop making cars and motorcycles around the world.
- The University of California San Francisco (UCSF) paid over a million ransom to recover important academic files blocked by the malware.
- The ransomware has blocked the Canon servers. Hackers took more than 10 TB of user data.
Distributed Denial-of-Service, DDoS attacks
A stream of false requests that tries to block the selected resource either by attacking the communication channel clogs it with a considerable mass of useless data, or directly attacking the server serving this resource. Such actions are used for the competition, direct blackmail of companies, and distract the attention of system administrators from other illegal activities.
Distributed denial-of-service (DDoS) attacks first hit the news in December 1999. That case was related to the trin00 botnet-based system. These attacks are evolving today but with the same principles. Thousands of geographically spread hosts start bombarding servers with empty requests, resulting in overloading and inability to promptly process legitimate requests. The most severe DDoS attacks of 2020 were:
- New Zealand Stock Exchange was closed for 4 days due to cyber attacks.
- Amazon repelled the most massive DDoS attack in history, which peaked at 2.3 Tbps.
- One-tenth of Ukrainian telecommunication networks have experienced a large-scale attack peaked at 780 Gbps.
Phishing and SMiShing
Phishing is a type of Internet fraud to gain access to confidential user data (logins and passwords). The users think they are going to the declared site, but in fact, they are redirected to a fake resource. As a rule, customers of banks and payment systems become victims of phishers most often.
Phishing is one of the types of social engineering based on users’ ignorance of network security basics. Many people still are not aware of a simple fact that no financial services or banks send letters asking customers to provide their credentials, passwords, etc.
To increase phishing protection, the major Internet browsers manufacturers have agreed to use the same methods of informing users that they have opened a suspicious site that may belong to scammers. Newer versions of browsers already have an anti-phishing feature.
The examples of phishing events in 2020 are:
- The GitHub Incident Response Team (SIRT) warned users of a phishing campaign when attackers steal credentials through landing pages that impersonate GitHub login pages.
- Microsoft received a court order to control six domains used in phishing attacks against Office 365 users.
- Attackers use fake CVs to spread malware like for stealing bank credentials.
As people became more aware and better at recognizing phishing emails resulting in fewer phishing victims, hackers changed their tactics, focusing on the phones. Smishing looks very similar.
However, instead of sending emails, hackers send their victims SMS text messages. Each of these messages is created to trick people into obtaining extremely sensitive personal information. For example, a PIN code to access their online bank. Some kind of smishing messages will direct their victims to a fake website or ask them to download a necessary application that is actually infected with malware.
Checking the source of each email or SMS you receive and going to your bank’s website by typing the address in the address bar of your browser are two main precautions you can take in order not to become a victim of phishers. Your bank will never ask you to send your passwords or personal information by email. Also, you should always install the latest updates for your operating system and web browsers.
