Cyber-crime had a boom year in 2020 as online attacks soared and ransomware earned perpetrators millions.
UK businesses faced a 20 per cent rise in cybersecurity threats compared to 2019 and the first COVID-19 lockdown in March escalated hacking attempts into corporate networks.
According to the internet service provider, Beaming, there were more than 686,000 attempts to breach company systems online.
Analysis from SonicWall also showed that ransomware attacks increased by 20 per cent in the first half of last year.
And research by CheckPoint revealed an 80 per cent ransomware surge in the third quarter.
The escalation is believed to be due to a shift to mass remote working with employees across the UK being asked to work from home without much warning using their own devices over which IT departments had much less control.
One in ten cyber-attacks received by UK companies in 2020 sought to gain control of devices connected to the internet of things, according to Beaming. Company file-sharing services, databases and web applications were also targeted.
Beaming’s research found the greatest threat came from China, with 189,695 unique IP addresses identified. This was followed by Taiwan (88,2210) Vietnam (81,570) the USA (79,019) and Brazil (73,183).
The operators behind the notorious Ryuk ransomware family, one of the world’s fastest-spreading strains, have earned more than US$150 million through criminal activity to date.
Ryuk cashes in
Several major organisations have fallen victim to Ryuk, such as French IT services giant Sopra Steria. It confirmed last October that it was targeted in an attack that took weeks to recover from. The incident reportedly cost up to €50 million.
Advanced-Intel researcher Vitali Kremez revealed last November that Ryuk’s largest ransom payment was 2,200 Bitcoins, worth US$34 million.
Defensive measures against ransomware include restricting the execution of Microsoft Office macros, to prevent malicious scripts from running, as well as ensuring all remote access points are up-to-date and use multi-factor authentication (MFA).
Over the past year, other ransomware gangs, such as REvil, Maze, and Egregor, have also made a name for themselves and have also been very active, infecting hundreds of companies. But less is known about how much money they have made.
Gary Jowett, from Computer & Network Consultants (CNC) in Brighton, said: “Research shows that working remotely is likely to become a permanent feature of people’s everyday working lives, with fewer office visits every working week. So even after the pandemic, companies need to have the correct security procedures in place and arm employees with technology and training to protect themselves and the organisation they work for. Audits and tests of all applications which interact with the outside world are one of the essential jobs that need to be done regularly because this is where cybercriminals will keep knocking on the door until they find a route inside your network.”