Criminals are preying on the rising insecurity over the impact of COVID-19 and the move to remote working to increase the scale and numbers of cyber-attacks.
Specialist insurer Beazley has reported a 25% spike in ransomware attacks in the first quarter of 2020 versus Q4 2019, based on incidents reported to in-house breach response team Beazley Breach Response (BBR) Services.
The quarter also saw a significant increase in the levels of phishing attacks as criminals saw the opportunities that have been presented by the pandemic and the lockdown.
While nearly all industries reported incidents, the manufacturing sector was the hardest hit with a 156% increase in incidents quarter-over-quarter.
Although manufacturing saw the biggest rise in ransomware incidents, the most affected sectors continue to be financial services and healthcare, which together accounted for half of all ransomware attacks reported to Beazley in the first quarter.
Ransomware attacks against vendors and managed service providers (MSPs) continued to pose problems in the first three months of this year and not only for the targeted business but often their downstream clients, too. Banks and credit unions and healthcare organisations were particularly hard hit as a result of attacks against MSPs.
As attack groups turned their attention to ransomware, business email compromise (BEC) incidents reported to Beazley declined 16 percent in the first quarter as compared to the previous quarter. The issue has certainly not gone away ‑ a possible reason for the decline may be that fewer email compromises have been identified and reported due to the disruption caused by COVID-19.
Phishing attacks, however, have soared during lockdown, according to security awareness training experts, KnowBe4. Their research has tracked myriad ways that cyber criminals are using phishing scams to steal personally identifiable information through fake emails and texts designed to look like official COVID-19-related information.
Katherine Keefe, head of BBR Services, said: “Cyber criminals are preying on people’s heightened anxiety during this pandemic, tricking them into clicking and sharing links that steal information. Also, those working from home may have weaker IT security than corporate networks typically provide. Organisations must ensure their security systems and protocols are up to date and ensure that colleagues working from home are extra vigilant.”