Covid-19 related attacks dominate threat landscape in GCC: report

Covid-19 related threats were the single largest type of cyberthreat in the first half of the year, according to Trend Micro’s mid-year report. In the first six months of 2020, Trend Micro blocked 8.8 million Covid-19 related threats, nearly 92 per cent of which were spam delivered via emails, the report revealed.

The study highlights how cyber criminals shifted their focus from January through June to take advantage of global interest in the pandemic. The risk to businesses was compounded by security gaps created by a largely remote workforce.

During the first half of 2020, the UAE experienced a combined 13,100,616 email, URL, and malware threats detected. The UAE saw 6,042,459 email threats, 6,187,404 URL victims, 34,360 URL hosted, and 836,393 malware detections. Ransomware continues to be a major issue. The UAE’s ransomware attacks account for 4.27 per cent of the world’s ransomware attacks, the report said.

Read: How Covid-19 has worsened corporate cybersecurity woes

The Gulf Cooperation Council (GCC) saw 56,870,977 combined email, URL, and malware threats detected during the first half of 2020. Cyber-threats included 41,236,550 email threats, 13,181,016 URL victims, 2,392,097 malware detections, and 61,314 URL hosted threats.

Business Email Compromise (BEC) detections increased by 18 per cent from the second half of 2019, in part due to scammers trying to capitalise on home workers being more exposed to social engineering.

Among all the threats in the first half of the year, ransomware was a constant factor. Although the number of detected ransomware threats decreased, Trend Micro saw a 36 per cent increase in new ransomware families compared to the same time last year.

Global organisations have also been burdened by a significant spike in newly disclosed vulnerabilities. Trend Micro’s Zero Day Initiative (ZDI) published a total of 786 advisories, representing a 74 per cent increase from the second half of 2019. Some of these came as part of Microsoft Patch Tuesday updates, which have fixed an average of 103 CVEs per month so far in 2020 — including the largest number of patches ever issued in a single month (129) in June.

Trend Micro also observed a 16 per cent increase in vulnerabilities disclosed in industrial control systems (ICS), compared to the first half of 2019, which could create major challenges for smart factory owners and other organisations running IIoT environments.