Cybercriminals pivoting from social engineering to hacking with keen interest in COVID vaccine: Study

Ransomware attacks have grown, with hacking now accounting for 30% of all attacks, and the healthcare industry is increasingly targeted by criminals

Cybercriminals pivoting from social engineering to hacking with keen interest in COVID vaccine: Study - CIO&Leader

Ransomware attacks have grown, with hacking now accounting for 30% of all attacks, and the healthcare industry is increasingly targeted by criminals. In particular, attackers have begun exploiting worldwide interest in a COVID-19 vaccine, according to Positive Technologies’ Cyber Threat Landscape report.

The report indicates a slowdown in the explosive growth in attacks seen during the first two quarters of the year as the COVID-19 pandemic picked up steam. Additionally, the number of targeted attacks remains stubbornly high, growing from 63% in Q2 to 70% in Q3.

Healthcare organizations were hard-hit in the third quarter. Half of all attacks against them involved ransomware, resulting in serious consequences such as attackers cashing in on patient data and crippling hospital functions and systems. Attackers did not spare clinics where COVID-19 patients were being treated or pharmaceutical sites where vaccine research was being conducted.

The third quarter also brought a record rise in the number of ransomware attacks, which accounted for over half of all malware attacks - 51% of the total in Q3 compared to 39% in Q2. Additionally, social engineering has become relatively less common since the start of the year, falling from 67% of attacks against organizations in Q1 to just 45% in Q3.

Due to the pandemic triggering a mass shift to remote working, many companies have made services available on the network perimeter for the first time. Thus, attackers have had ample opportunities to strike at companies that have not taken the proper security precautions. Exploitation of vulnerabilities (as a method for attacking organizations) grew by 30%, which is 12%age points more than in the previous quarter as attackers are actively targeting flaws in remote access systems.

The number of attacks on manufacturing and industrial companies has also remained high since the start of the year, with APT groups and ransomware operators the primary culprits. Nearly 70% of attackers in this instance continued to use email as their primary initial vector. The share of attacks using ransomware accounted for 45% of the total number of attacks, and 20% of attacks in Q3 included spyware or malware for remote administration.

Analyst Yana Yurakova at Positive Technologies said: "According to our data, COVID-19 is being exploited in attacks on individuals as well as organizations. In regard to individuals, we see that the number of phishing emails related to COVID-19 is dropping quickly. Pandemic-themed messages fell from 16% of social engineering attacks in Q2 to just 4% in Q3. In the previous quarter, phishing emails would advertise personal protective equipment or offer information about the virus, whereas now they are exploiting interest in a vaccine. One mailing addressed to people in the United Kingdom claimed that local vaccine efforts were going slowly and offered a supposed vaccine for sale on the site of a Canadian pharmacy chain. Individuals need to stay extra vigilant of the threats which are circulating linked to the pandemic.


Add new comment