Compromising every web-connected server and service you can find gets tiring after a while – and by the end of 2021 internet criminals targeting British companies were as fatigued as the rest of us, according to Bitdefender.
In its 2020 Consumer Threat Landscape report, Bitdefender reckoned that most malware and ransomware infections occurred in the first half of the year – with cybercrims being noticeably less active in the runup to Christmas.
The company reckoned that during 2020, two-thirds of all ransomware attacks it detected in the UK happened in Q1 and Q2 – with 11 per cent of the year’s total taking place in Q4. Similarly, the company reckoned 74 per cent of cryptocurrency miner malware attacks took place in H1, whereas H1 2019 saw 54 per cent of the year’s detected total taking place.
Bitdefender did not break out raw numbers, referring only to percentages in its report [PDF].
Meanwhile, 46 per cent of exploit kits seen by Bitdefender being deployed against UK targets during 2020 were observed in Q1, versus a round 25 per cent of the previous year’s total.
“Our 2020 findings depict consumers under constant assault from cybercriminals looking to capitalize on fear and societal uncertainty accompanying the global pandemic,” said Bogdan Botezatu, director of threat research and reporting at Bitdefender, in a canned statement. “Cybercriminals will stop at nothing to use outlier events and human empathy to line their pockets. As the pandemic continues we are constantly seeing attacks evolve through malware delivery mechanisms, inventive social engineering and new exploits.”
Just phished a bunch of people with booby-trapped emails. Ugh! I wish I could go to the pub…
What we’re also seeing is potential signs that even criminals are starting to suffer from lockdown burnout – and the effect is also seen in other countries. More than half of 2020’s exploit total in Sweden was seen by Bitdefender during Q1, tapering down to just 8 per cent of that country’s total in Q4.
The firm’s other findings mirrored those from the rest of the industry, broadly showing that ransomware attacks increased during 2020 alongside infamous malware such as the Emotet banking trojan – though in January 2021 a multinational police operation claimed to have taken down its command-and-control servers.
Meanwhile, research from Kenna Security earlier this year showed that about 475 CVE-tracked vulnerabilities were actively exploited during 2019, suggesting that despite high raw numbers of attacks, the number of attack vectors that defenders need to keep abreast of may not be as high as some vendors claim. ®