Attack Landscape Update

F-Secure just published the first report in 2021 regarding current cyber threats landscape. Among the critical threats there are data-stealing ransomware, information harvesting malware and supply chain attacks which are extremely dangerous and seem to be on the rise.

According to the report, there is a new type of extortion, called Ransomare 2.0 that first appeared in late 2019. The main change is that ransomware operators steal data before they encrypt it is so that they can threaten to leak it in order to exert more pressure on victims to pay ransoms. Nearly 40% of ransomware families discovered in 2020, as well as several older families, demonstrated data exfiltration capabilities by the end of last year.

Other trends discussed in the report include:

  • Attackers use of Excel formulas – a default feature that cannot be blocked – to obfuscate malicious code tripled in the second half of 2020.
  • Outlook was the most popular brand spoofed in phishing emails, followed by Facebook Inc. and Office365.
  • Nearly three-quarters of domains used to host phishing pages were web hosting services.
  • Email accounted for over half of all malware infection attempts in 2020, making it the most common method of spreading malware in cyber attacks.
  • Malware that automatically collects data and information from victims (infostealers) continues to be a threat. The two most prevalent malware families in the latter half of 2020 were both infostealers (Lokibot and Formbook).
  • 61% of vulnerabilities found in corporate networks were disclosed on or before 2016, making them at least 5 years old.