62.6 Billion Threats Detected in 2020 ... That's 119,000 Per Minute
In excess of 62.6 billion cyber-threats were identified and blocked in 2020 (a rise of 20%). Breaking it down even further, that's 119,000 per minute.
These were among the findings of cybersecurity firm Trend Micro in their annual roundup, "A Constant State of Flux: Trend Micro 2020 Annual Cybersecurity Report."
Thanks to COVID and its accompanying 'remote workforce', cyber-attacks on home networks during 2020 numbered 2.9 billion, a staggering 210% increase. Of these, nearly three quarters (73%) involved brute-forcing logins to gain access via a router or smart device.
Attacks also targeted flaws in VPNs used remotely.
"One of the most notable and widespread VPN vulnerabilities is CVE-2019-11510, a critical arbitrary file disclosure flaw in the VPN product Pulse Connect Secure that could allow remote attackers to obtain usernames and plain-text passwords from affected machines," stated the report, adding that the flaw had accounted for nearly 800,000 detections during 2020, including several where it had been exploited to deliver the Sodinokibi ransomware.
More noteworthy stats included phishing attacks making up 91% of the 62.6 billion threats and that around 14 million unique phishing URLs had been detected, with their primary target being home networks.
The number of new ransomware families increased by just over a third (34%) and Government, healthcare, banking, and manufacturing were the most targeted sectors. An increase in "double extortion" attacks - where attackers not only hold data to ransom, but threaten to release it - was also highlighted.
Trend Micro's "Zero Day Initiative" (ZDI) marked a 40% increase in vulnerability advisories between 2019 and 2020, with nearly 80% rating Critical or High severity and some dating as far back as 2005 "still being heavily exploited".
One piece of good news to emanate from the report was that the number of attempted business email compromise (BEC) fell by 17% between 2019 and 2020.
"In 2020, businesses faced unprecedented threat volumes hitting their extended infrastructure, including the networks of home workers," said Jon Clay, director of global threat communications for Trend Micro. "Global organizations have now had time to understand the operational and cyber risk impact of the pandemic. The new year is a chance to adjust and improve with comprehensive cloud-based security to protect distributed staff and systems."
+ + +
Thanks for visiting SecAlerts and reading this story. We offer a free 'Personal' weekly CVE alert service, or an upgraded 'Business' service with additional features, including zero-day alerts. Join more than 1,600 other users and sign up to SecAlerts.
. . .
If you want to stay notified of vulnerabilities that affect you, register for a weekly security report customised to your stack.