Detected Cyber Threats Rose 20% to Exceed 62.6 Billion in 2020

Trend Micro�s annual roundup report can guide strategic security planning for the new year

HONG KONG SAR - Media OutReach - 24 February 2021 - Trend Micro

(TYO: 4704; TSE: 4704), a global
leader in cybersecurity,
today announced it detected 119,000
cyber threats per minute in 2020 as home workers and infrastructure came under
new pressure from attacks. This insight and many others come from Trend
Micro's 2020 roundup report, A Constant State of Flux: Trend Micro 2020
Annual Cybersecurity Report.

The report also shows that home networks were a major draw last year for
cybercriminals looking to pivot to corporate systems, or compromise and conscript
IoT devices into botnets. Trend Micro found attacks on homes surged 210% to
reach nearly 2.9 billion--amounting to 15.5% of all homes. The vast majority
(73%) of attacks on home networks involved brute forcing logins to gain control
of a router or smart device.

Email-borne threats made up
91% of the 62.6 billion threats blocked by Trend Micro last year, indicating
that phishing attacks continued to be hugely popular. The company detected
nearly 14 million unique phishing URLs in 2020 as attackers targeted distracted
home workers.

"In 2020, businesses faced
unprecedented threat volumes hitting their extended infrastructure, including
the networks of home workers. Familiar tactics such as phishing, brute forcing
and vulnerability exploitation are still favored as the primary means of
compromise, which should help when developing defenses," said Tony
Lee, Head of Consulting of
Trend Micro Hong Kong and Macau. "Global organizations have now had time to
understand the operational and cyber risk impact of the pandemic. The new year
is a chance to adjust and improve with comprehensive cloud-based security to
protect distributed staff and systems."

Other key trends included:

  • Newly
    detected ransomware families increased 34%, with "double extortion" attacks --
    where attackers steal data before encrypting it to force payment by threatening
    to release the stolen information -- and more targeted threats becoming
    increasingly popular. Government, banking, manufacturing and healthcare were
    the most targeted sectors.
  • The
    number of vulnerabilities published by the Zero Day Initiative (ZDI) increased
    40% year-on-year, but Trend Micro continues to see flaws from as far back as
    2005 being heavily exploited.
  • Many
    attacks targeted flaws in VPNs used by remote workers. CVE-2019-11510, a
    critical arbitrary file disclosure flaw in Pulse Connect Secure, already has
    nearly 800,000 hits based on Trend Micro customer data.
  • Cloud
    service misconfigurations increasingly had consequences in 2020. Trend Micro
    observed exploitation of unsecured APIs in several cryptocurrency mining
  • The
    ZDI published 1,453 vulnerability advisories, nearly 80% of which were rated as
    Critical or High severity.
  • On
    the positive front, there was a 17% fall in detections
    of BEC attacks, although there's no indication of how many were successful.

the full report:

About Trend Micro

Trend Micro, a global
leader in cybersecurity, helps make the world safe for exchanging digital
information. Leveraging over 30 years of security expertise, global threat
research, and continuous innovation, Trend Micro enables resilience for
businesses, governments, and consumers with connected solutions across cloud
workloads, endpoints, email, IIoT, and networks. Our XGen� security strategy
powers our solutions with a cross-generational blend of threat-defense
techniques that are optimized for key environments and leverage shared threat
intelligence for better, faster protection. With over 6,700 employees in 65
countries, and the world's most advanced global threat research and
intelligence, Trend Micro enables organizations to secure their connected world.

To Top