Positive Technologies experts record sharp increase in number of attacks on trade enterprises

Analyzing the current cyberthreats of Q4 2020, Positive Technologies specialists reveal an increase in the number of attacks aimed at the trade industry and medical institutions around the world. Another feature of Q4 was the increase in the number of social engineering attacks on individuals.

Throughout 2020, experts observed a quarterly increase in the number of cyber incidents, and Q4 was no exception. The number of attacks increased by 3.1% compared to Q3; and grew by 42.2% compared to the same period in 2019. The previously noted trend of switching from social engineering to hacking methods in attacks on organizations strengthened in Q4. On the contrary, in incidents affecting individuals, experts recorded a surge in the use of social engineering techniques, with the share of this method increasing from 67% in Q3 to 85% in Q4.

According to the report, Cybersecurity Threatscape: Q4 2020, the number of attacks on the trade industry increased by 56% compared to Q3 and is the highest level seen in the past two years. About a third of the incidents in this area were committed by ransomware operators, as, for example, in the case of the attack on E-Land, a South Korean retailer. In one out of five attacks on retailers, criminals placed web skimmers^[1] on hacked store websites.

“Most often, during attacks on the trade industry, cybercriminals steal payment card data,” said Yana Yurakova, an analyst at Positive Technologies. “For example, in Q4, its share among all stolen information was 33%. The second most popular target is customers' personal data (27%) and third is credentials (20%).”

Pharmaceutical companies involved in the production and supply chain of the COVID-19 vaccine, such as Fareva, Dr Reddy's, and Johnson & Johnson have also come under a multitude of attacks. Criminals not only try to steal intellectual property and disrupt production, but also continue to exploit ordinary people's interest in vaccines. According to Positive Technologies’ research, in Q4 about 40% of all phishing emails concerning the pandemic were related to the COVID-19 vaccine.

In Q4 2020, the company's analysts again noted an increase in the number of attacks using ransomware: Their share amounted to 56% among all attacks using malware. Most of the attacks were seen against medical (20%) and government institutions (19%), as well as industrial companies (11%). Among the most popular ransomware, experts named Ryuk, REvil, Clop, Egregor and DoppelPaymer.

To protect against cyberattacks, Positive Technologies experts, first of all, advise adhering to the general recommendations for ensuring both corporate and personal cybersecurity. To make it easier to identify and eliminate infrastructure flaws, experts recommend creating an automated vulnerability management process. In addition, it is advised to use modern security tools, including web application firewalls, network traffic analysis tools, and SIEM systems. To prevent attacks related to sending malware by email, the company's experts recommend checking attachments in a sandbox, a special virtual environment designed to analyze the behavior of files.

^[1] Malicious code embedded on the page of a hacked site to steal user-entered bank card data.

Source: Positive Technologies media announcement