COVID-19-themed cyber-attacks increased by 114% in Q4 2020 compared to Q3, according to data from the McAfee Threats Report: April 2021. This followed rises of 605% and 240% in Q2 and Q3 2020 respectively, demonstrating that threat actors have continued to leverage the pandemic to target organizations and individuals.
The study, which looked at the evolving threat landscape in the final quarter of 2020, found there was a 10% overall rise in malware detections in Q4 compared to Q3, reaching an average of 648 threats per minute.
There was a particularly large surge in PowerShell threats in Q4 compared to Q3, up by 208%, which McAfee said was largely driven by Donoff malware. Additionally, mobile malware grew by 118% quarter-on-quarter, partly due to growth in SMS Reg samples. The HiddenAds, Clicker, MoqHao, HiddenApp, Dropper and FakeApp strains were the most commonly detected mobile malware families.
There was also a significant increase in ransomware attacks in Q4, up by 69%. This was driven by Cryptodefense, with the REvil, Thanos, Ryuk, RansomeXX and Maze groups being the most common families detected, according to the data.
The technology sector was heavily targeted during Q4 of 2020, with McAfee observing a 100% rise in publicly reported cyber-incidents against this industry. A similar rate of increase (93%) was seen in the public sector.
The report also highlighted the most common MITRE ATT&CK techniques used by cyber-criminals in Q4. These included System Information Discovery, Obfuscated Files or Information, File and Directory Discovery, Data Encryption for Impact, Stop Services, Process Injection, Process Discovery, Masquerading Techniques and Exploits of Public-Facing Applications.
Raj Samani, McAfee fellow and chief scientist, commented: “The world—and enterprises—adjusted amidst pandemic restrictions and sustained remote work challenges, while security threats continued to evolve in complexity and increase in volume.
“Though a large percentage of employees grew more proficient and productive in working remotely, enterprises endured more opportunistic COVID-19 related campaigns among a new cast of bad-actor schemes. Furthermore, ransomware and malware targeting vulnerabilities in work-related apps and processes were active and remain dangerous threats capable of taking over networks and data, while costing millions in assets and recovery costs.”