Woburn, MA – December 10, 2020 — /BackupReview.info/ — Kaspersky researchers have analyzed the redistribution of threat activity that took place in 2020, as the COVID-19 pandemic caused a worldwide, involuntary shift to digital platforms and tools used to work and carry out other aspects of our lives from home. The new way of life resulted in organizations adjusting their corporate networks and led to the emergence of new threats to target those networks, as well as the strengthening of existing threats. Details on these and other findings are covered in the new “Story of the year: remote work” report — https://securelist.com/the-story-of-the-year-remote-work/99720/
Kaspersky researchers observed a 242% growth of brute force attacks on remote desktop protocol (RDP) compared to last year and 1.7 million unique malicious files disguised as apps for corporate communication. Both of these findings reflect the ways attackers set their sights on users that work from home.
Sending employees to work from home in such a short timespan opened up new vulnerabilities that cybercriminals were quick to target. The volume of corporate traffic grew, and users swiftly moved to using third-party services to exchange data, often working via potentially insecure Wi-Fi networks.
Another headache for information security teams was, and still is, the increased number of people using remote-access tools. One of the most popular application-level protocols for accessing Windows workstations or servers is Microsoft’s proprietary protocol, RDP. Computers that have been made available to remote workers and were incorrectly configured grew in number during the first wave of lockdowns across the globe, and so did the number of cyberattacks on them. These attacks usually attempted to brute-force (systematically trying to find the correct option) a username and password for RDP. A successful attempt resulted in cybercriminals gaining remote access to the target computer in the network.
Since the beginning of March, the number of Bruteforce.Generic.RDP detections has skyrocketed, resulting in the total number detected in the first eleven months of 2020 growing by 3.4 times, compared to the number of the same type of attacks in 2019. Overall, 3.3 billion attacks on Remote Desktop Protocol were detected between January and November 2020. In 2019, during the same 11-month period, Kaspersky detected 969 million of these attacks worldwide.
RDP attacks dynamics, January – November 2020 vs 2021
Aside from attacks on RDP, cybercriminals were quick to figure out that many workers replaced offline communication with online tools and so decided to abuse this demand too. Kaspersky detected 1.66 million unique malicious files that were spread under the guise of popular messenger and online conference applications, typically used for work. Once installed, these files would primarily load Adware programs that flooded victims’ devices with unwanted advertising and gathered their personal data for third-party use. Another group of files disguised as corporate apps were Downloaders. These are applications that may not be malicious on their own, but are able to download other harmful apps, from Trojans to remote access tools.
“This year taught us a lot,” said Dmitry Galov, security researcher at Kaspersky. “The move online was not as flawless as one would imagine, especially given that we already lived in what we thought was a digitized world. As the focus switched to remote work, so did the cybercriminals, who directed their efforts to capitalize on a rise in adoption. I am happy to state that the adoption process was fast and this meant the world could go on. Economies did not freeze and we still get to have our coffee, albeit, via delivery services. Yet now we know that there is still a lot to learn about the responsible use of technology, with data sharing at the heart of it.
“One of the biggest challenges of 2020 turned out to be awareness of potential online dangers,” continued Galov. “The key here is not that the sudden demand for online services – be they work-related or for food delivery – grew. Many new users were people who in principle avoided being so digitally exposed in first place. They did not necessarily disregard the need for cybersecurity – they had simply chosen not to use digital services before and were less educated about what can happen online. This group of people turned out to be one of the most vulnerable during the pandemic – their level of awareness of online dangers was very low. It seems like we have been given a big challenge worldwide and I hope that helped increase the level of cybersecurity awareness among ordinary users.”
Since working from home is here to stay, Kaspersky recommends employers and businesses follow the advice below to stay on top of any potential IT security issues when their employees work remotely:
While there is a lot of responsibility on employers to keep corporate devices and networks secure, Kaspersky is also offering the following recommendations for consumers and workers during their time at home:
Read the whole story of 2020 at Securelist.com
All Kaspersky Security Bulletin stories with results from 2020 and predictions for 2021 are available here: https://securelist.com/ksb-2020/
About Kaspersky
Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 250,000 corporate clients protect what matters most to them. Learn more at usa.kaspersky.com.
Media Contact
Sawyer Van Horn
sawyer.vanhorn@Kaspersky.com
(781) 503-1866
Source: Kaspersky
Tags: Kaspersky
Copyright © 2004 - 2020 Backup Review.info | Sitemap
RSS feed for comments on this post · TrackBack URI
Leave a reply