McAfee has released its Quarterly Threats Report examining cybercriminal activity related to malware and the evolution of cyber threats in Q2 2020.
During this past quarter, McAfee saw an average of 419 new threats per minute. What began as a trickle of COVID-19-related phishing campaigns has evolved into a surge of data breaches and threat actors leaking sensitive data - exploiting the realities of large swathes of the workforce working from home.
Top findings in the report include:
· McAfee’s global network of over a billion sensors registered a 605% increase in total Q2 2020 COVID-19-themed attack detections
· McAfee saw PowerShell malware surged 117% due to proliferation of malicious Donoff documents
· Attacks on cloud services users reached nearly 7.5 million
· New malware samples grew 11.5% in Q2 2020; averaging 419 new threats per minute
· New coinmining malware increased 25% with the adoption of new Coinminer applications
· Publicly disclosed security incidents rose 22%; incidents targeting the technology industry increased 91%
The full report can be found here: https://www.mcafee.com/enterprise/en-us/assets/reports/rp-quarterly-threats-nov-2020.pdf
The fact that there have been nearly 7.5 million attacks on users via cloud services in the second quarter of this year highlights how criminals have been quick to pivot attack methods to take advantage of the pandemic. The move to widespread remote working has required many industries to adopt new cloud services to maintain staff productivity, communication, and collaboration. When managed correctly, however, the cloud is the most secure place to do business and an incredible driver of business growth, innovation, and resiliency. Incorporating cloud into strong data governance policies and regular staff training are the keys to making this a reality.
Given the surges in the malware we are tracking, IT needs to be able to quickly identify, prioritise and respond to these targeted attacks – across both device and cloud. Technology can play a key role in helping security professionals understand whether their organisation is at risk, what specific threats they are susceptible to, and how they can pre-empt an attack. Combining these insights with a proactive approach will significantly enhance cybersecurity effectiveness against today’s rapidly evolving threat landscape. This must go hand-in-hand with a shared responsibility security model. Cloud security requires a layered defense; from service providers to enterprises and individual users, everyone is accountable in some way and must play their part to protect data against cybercriminals.