McAfee COVID-19 threat report reveals 375 new threats per minute
Cybersecurity company McAfee has released its McAfee COVID-19 Threat Report: July 2020 examining cybercriminal activity related to COVID-19 and the evolution of cyber threats in Q1 2020.
McAfee Labs saw an average of 375 new threats per minute and a surge of cybercriminals exploiting the pandemic through COVID-19 themed malicious apps, phishing campaigns, malware, and more. New PowerShell malware increased 688% over the course of the quarter while total malware grew 1,902% over the past four quarters.
Disclosed incidents targeting the public sector, individuals, education and manufacturing all increased. Nearly 47% of all publicly disclosed security incidents took place in the United States.
McAfee researchers found it is typical of COVID-19 campaigns to use pandemic-related subjects including testing, treatments, cures, and remote work topics to lure targets into clicking on a malicious link, download a file, or view a PDF.
To track these campaigns, McAfee Advanced Programs Group (APG) has published a COVID-19 Threat Dashboard, which includes top threats leveraging the pandemic, most targeted verticals and countries, and most utilised threat types and volume over time.
Says Raj Samani, McAfee fellow and chief scientist:
“Thus far, the dominant themes of the 2020 threat landscape have been cybercriminal’s quick adaptation to exploit the pandemic and the considerable impact cyberattacks have had.”
He continues: “What began as a trickle of phishing campaigns and the occasional malicious app quickly turned into a deluge of malicious URLs and capable threat actors leveraging the world’s thirst for more information on COVID-19 as an entry mechanism into systems across the globe.”
Concludes Patrick Flynn, head of McAfee APG:
“Cybersecurity cannot be solved by cookie cutter approaches, each organisation is unique and has specific intelligence requirements and objectives.
“The McAfee COVID-19 Threat Dashboard utilises data to create true analysed intelligence, which allows users to understand the total threat environment, informing them of potential threats before they are weaponised.”
