Cybercriminals exploit remote working to launch targeted attacks
The pandemic-driven shift to remote working has led cybercriminals to ditch many of their old tactics, and put a new emphasis on gathering intelligence and exploiting and preying on fears with targeted and sophisticated attacks.
The latest State of Malware report from Malwarebytes has found a major shift in the devices targeted and strategies deployed by cybercriminals.
The use of applications that monitor user activity -- including all tracking applications -- rose from January to December by 565 percent, while spyware app detections rose across the same period by 1,055 percent.
"This past year has taught us that cybercriminals are increasingly formidable, planning long-term, strategic, and focused attacks that are sometimes years in the making. 2020 continued to show us that no company is immune, and there is no such thing as 'safe enough'," says Marcin Kleczynski, CEO of Malwarebytes. "The COVID-19 pandemic compounded this with new challenges in securing remote workforces, making it essential that we quickly become more adaptable and learn how to better protect workers in any environment. While our total detections are down this year, we must remain vigilant. The threats we are seeing are more refined and damaging than ever before."
Interestingly, Windows malware detections in 2020 were down 12 percent overall and 24 percent for businesses, while Mac detections dropped 37 percent overall but rose 31 percent for businesses.
Potentially Unwanted Programs (PUPs) made up more than 76 percent of threat detections for Macs, while adware represented about 22 percent. Malware meanwhile only accounted for 1.5 percent.
Among the top threats for both businesses and consumers are the Microsoft Office software cracker KMS, the banking malware Dridex, and the cryptocurrency mining BitCoinMiner. In the Android world the Bankbot trojan, which steals payment information using fake login screens, saw a huge spike, amassing a 3,841 percent surge in detections.
Looked at by industry sector, essential supplies have been targeted with agriculture suffering a 607 percent increase in threat detections, while detections for the food and beverage industry increased by 67 percent. Targets which have been hard hit in the past all dropped in detections as business activity slowed -- education fell 17 percent, healthcare dropped 22 percent, and automotive declined by 18 percent.
The full report is available on the Malwarebytes site.