The number of cyber-threats identified and blocked by Trend Micro rose by 20% in 2020 to more than 62.6 billion.
Averaging out at 119,000 cyber-threats per minute, the huge figure was included in the company’s annual roundup, “A Constant State of Flux: Trend Micro 2020 Annual Cybersecurity Report,” released earlier today.
Email-borne threats such as phishing attacks accounted for 91% of the 62.6 billion threats blocked by Trend Micro last year. Nearly 14 million unique phishing URLs were detected by the company in 2020, with home networks a primary target.
Researchers found cyber-attacks on home networks surged 210% year-on-year in 2020 to just under 2.9 billion, a figure that equates to 15.5% of all homes. The vast majority (73%) of strikes against home networks involved brute-forcing logins to gain control of a smart device or router.
The number of newly detected ransomware families increased 34% last year. Researchers noted an increase in the popularity of “double extortion” attacks in which attackers exfiltrate data before encrypting it so they can use the threat of publication to extort money as well as charging for the data’s return. Government, banking, manufacturing, and healthcare were the sectors most targeted by ransomware gangs.
While a 17% fall in detections of business email compromise (BEC) attacks was recorded, the number of vulnerabilities published by the Zero Day Initiative (ZDI) increased 40% year-on-year. Among the flaws exploited by criminals are some dating back to 2005.
“In 2020, businesses faced unprecedented threat volumes hitting their extended infrastructure, including the networks of home workers,” said Jon Clay, director of global threat communications for Trend Micro.
“Familiar tactics such as phishing, brute forcing and vulnerability exploitation are still favored as the primary means of compromise, which should help when developing defenses.”
Clay added that a year into the global health pandemic, organizations around the world should be aware of its impact on cybersecurity risk.
“Global organizations have now had time to understand the operational and cyber risk impact of the pandemic,” said Clay.
“The new year is a chance to adjust and improve with comprehensive cloud-based security to protect distributed staff and systems.”