Mimecast Limited launched the Threat Intelligence Report: Black Hat U.S.A. Edition 2020. The report provides a technical analysis of United States targeted attacks that attempted to infiltrate the security environment of Mimecast customers. Two main trends ran throughout the analysis: the desire for attacker’s monetary gain and continued reliance on COVID-19-related campaigns, especially within certain vertical industries. One of the most significant observations was that threat actors are launching opportunistic and malware-based campaigns across multiple verticals at volumes at an alarming rate. The report also forecasts what types of attacks will likely spike in the next six months and offers recommendations on how to help organizations become more secure and resilient.
The majority of attacks seen by the Mimecast Threat Center during this period were simple, high volume forms of attacks, such as spam and phishing that is likely a reflection of the ease of access to tools and kits available online. As the attacks progressed, exploits evolved to more potent forms of malware and ransomware with the attacker’s goal appearing to be monetary gain.
In addition, malware-centric campaigns have been a fixture of 2020 and have become increasingly sophisticated. 42 significant campaigns were identified during the six-month period that the report covers. The campaigns showed a significant uptick in the use of short-lived, high volume, targeted and hybridized attacks against many sectors of the U.S. economy. Mimecast researchers believe it is highly likely a consequence of threat actors targeting industries that remained opened during the ‘stay at home’ period in the U.S., as well as those essential to the nation’s recovery from the current pandemic. Interestingly, the media and publishing sectors suffered high volumes of impersonation attacks, potentially as a vehicle for cybercriminals to spread disinformation across the U.S.
“If one thing is for certain, the pandemic we’re living in today has caused significant challenges. We’ve continued to see threat actors tap into the vulnerabilities of humans and launch campaign after campaign with a COVID-19 hook, in attempt to get users to click harmful links or open malicious files,” said Josh Douglas, vice president of product management, threat intelligence at Mimecast. “The ultimate goal of Mimecast’s Threat Intelligence reports are to help organizations better understand today’s threat landscape, so they can prepare for tomorrow’s threats and make better informed decisions to improve their cybersecurity and resilience.”