3.1 million external attacks on Cloud user accounts in Q4 2020: McAfee report
Anti-virus software company McAfee on Tuesday said it has observed an average of 648 cyber threats per minute in the fourth quarter of 2020, an increase of 60 threats per minute (10 per cent) over the third quarter, with 3.1 million external attacks on Cloud user accounts.
The attacks on Cloud user accounts are based on the aggregation and anonymisation of cloud usage data from more than 30 million McAfee ‘MVISION’ cloud users worldwide during the fourth quarter of 2020.
According to the report, this data set represents companies in all major industries across the globe, including financial services, healthcare, public sector, education, retail, technology, manufacturing, energy, utilities, legal, real estate, transportation and business services.
The two quarters also saw Covid-19-related cyber-attack detections increase by 240 per cent in Q3 and 114 per cent in Q4 2020, while “Powershell” threats again surged 208 per cent due to continued increases in ‘Donoff’ malware activity, reports McAfee Labs.
“Though a large percentage of employees grew more proficient and productive in working remotely, enterprises endured more opportunistic Covid-19 related campaigns among a new cast of bad-actor schemes,” said Raj Samani, McAfee fellow and chief scientist.
Mobile malware grew 118 per cent in Q4 2020, in part due to a surge in SMS Reg samples. The HiddenAds, Clicker, MoqHao, HiddenApp, Dropper and FakeApp strains were the most detected mobile malware families.
“Ransomware and malware targeting vulnerabilities in work-related apps and processes were active and remain dangerous threats capable of taking over networks and data, while costing millions in assets and recovery costs,” Samani added.
Ransomware grew in volume 69 per cent from Q3 2020 to Q4 2020, driven by Cryptodefense. REvil, Thanos, Ryuk, RansomeXX and Maze groups topped the overall list of ransomware families.
Malware was the most reported cause of security incidents in Q4, followed by account hijackings, targeted attacks and vulnerabilities.