Attack Trends in 2020 – A Boom in Double-Extortion Ransomware.
Attack Trends in 2020 – A Boom in Double-Extortion Ransomware
What’s in the report?
- Maze ransomware was the first malware that started the trend of double-extortion in late 2019. By the end of 2020, this tactic was being used by several other ransomware families.
- Some of the major active ransomware families using double-extortion techniques include Doppelpaymer, Conti, Clop, Ragnar Locker, and ChaCha.
Common infection vectors
- One of the most common infection vectors in 2020 was email attack, responsible for over half of all malware infection attempts.
- The use of Excel formulas to obfuscate malicious code saw a three-fold increase in the second half of 2020.
- The most popular brands used for email spoofing were Outlook, Office365, and Facebook Inc. Moreover, web hosting services were responsible for three-quarters of domains used to host phishing pages.
Other trends observed in the report
- The two most prominent malware families in the latter half of 2020 were Lokibot and Formbook info-stealers.
- Moreover, F-Secure highlighted that more than half of the supply chain attacks targeted utility or application software, in the last ten years.
- Around 61% of vulnerabilities spotted in corporate networks were disclosed before 2016 and were five years old.