Cyber security firm saw attacks rise by 20% during 2020

Finger pointing towards malware on a piece of code
(Image credit: Shutterstock)

According to a new Trend Micro report, pandemic-related threats contributed to a marked rise in cyber security threats in 2020. The company saw 62.6 billion cyber security threats in 2020, a 20% increase.

The Trend Micro 2020 Annual Cybersecurity Report noted a slew of pandemic-related attacks as online criminals seek to exploit the crisis. Trend Micro detected nearly 16.4 million pandemic-related threats, mostly stemming from spam.

As the pandemic sent employees out of the office, Trend Micro noted a rise in attacks on remote workers' homes. Attacks on devices in homes rose 210% from 929 million in 2019 to nearly 2.9 billion in 2020. Trend Micro saw the number of routers subject to inbound attacks rise from 1.14 million in 2019 to 1.49 million in 2020 and noted that those suffering from outbound attacks, in which malicious actors used routers to launch further attacks, also rose.

Overall, the report estimated that 15.5% of routers connected to Trend Micro's Smart Home Network system suffered inbound attacks.

Brute force attacks topped the inbound attack attempts on home devices, with attempts on NETBIOS SMB usernames reaching 1.4 billion and RDP-based brute-force logins reached 618.5 million in 2020.

RELATED RESOURCE

How to improve cyber security for remote working

13 recommendations for security from any location

FREE DOWNLOAD

The report also saw attackers targeting VPN software, capitalizing on vulnerabilities in Fortinet's VPN and the Pulse Connect Secure VPN. The company detected almost 800,000 probes of the Pulse vulnerability, noting it had been used in attacks delivering the Sodinokibi ransomware.

Trend Micro discovered 127 new ransomware families in 2020, 34% more than it found in 2019. A notable new entrant was the Egregor ransomware, which ranked in the top 10 for detected infections despite its initial detection coming in September 2020.

Despite Egregor's success, 2017's WannaCry is still the most-detected malware family by far, with 220,166 detections infected. The next most popular was Locky, with just 15,816 cases.

Governments were hardest-hit by ransomware attacks, with 31,906 cases. The second-most affected sector was banking, with 22,082 cases.

Trend Micro also noticed an interesting trend in phishing attacks. The number of non-unique phishing URLs decreased slightly, while the number of unique phishing URLs blocked increased from 161.7 million to 194.5 million. The company stated attackers might be targeting their victims more with custom URLs.

Danny Bradbury

Danny Bradbury has been a print journalist specialising in technology since 1989 and a freelance writer since 1994. He has written for national publications on both sides of the Atlantic and has won awards for his investigative cybersecurity journalism work and his arts and culture writing. 

Danny writes about many different technology issues for audiences ranging from consumers through to software developers and CIOs. He also ghostwrites articles for many C-suite business executives in the technology sector and has worked as a presenter for multiple webinars and podcasts.