ESET has published its Threat Report for the second four-month period of 2021, which summarizes the statistics recorded by ESET's detection systems, the most important threat findings from ESET's cybersecurity research, as well as data published for the first time in the market.
The latest edition of the ESET Threat Report highlights several worrying trends recorded by ESET telemetry, such as increasingly aggressive ransomware tactics, more intensive brute-force attacks, and deceptive phishing campaigns that target people who work from home and perform many administrative tasks remotely.
Ransomware, which saw three major peaks during the 2nd quarter, presented the largest ransom demands to date. The attack that shut down Colonial Pipeline, the largest pipeline company in the US, and the supply chain attack that exploited a vulnerability in Kaseya's IT management software sent shockwaves beyond the cybersecurity industry.
Both attacks appeared to be aimed at financial gain rather than cyber espionage, with the perpetrators of the Kaseya attack setting an ultimatum for payment of $70 million, the highest ransom demand to date.
"Ransomware gangs may have gone too far this time: the authorities' involvement in such high-profile incidents has forced several gangs to leave the field. But the same cannot be said for TrickBot, which seems to have recovered from last year's efforts, doubling its detection and new features," explains Roman Kováč, ESET chief research officer.
On the other hand, after the definitive shutdown of Emotet's operations at the end of April 2021, downloader detections were cut in half compared to Q1 2021.
Password-guessing attacks, which often serve as a gateway for ransomware, increased further in the second four-month period.
Between May and August 2021, ESET detected 55 billion new brute-force attacks (+104% compared to Q1 2021) against publicly accessible Remote Desktop Protocol services. ESET telemetry also saw an impressive increase in the average daily number of attacks per unique client, which doubled from 1,392 attempts per machine per day in Q1 2021 to 2,756 in Q2 2021.
Exclusive research presented in the Q2 2021 Threat Report includes findings on DevilsTongue spyware, which is used to spy on human rights defenders, dissidents, journalists, activists, and politicians, as well as a new spear phishing campaign by the Dukes APT group, which remains a primary threat to Western diplomats, NGOs, and think tanks.
A separate section is devoted to the new tools used by the highly active Gamaredon group, which targets government agencies in Ukraine.
The Q2 2021 Threat Report also examines the most important findings and achievements of ESET researchers: a new APT group focusing on Windows and Linux systems, a variety of security issues in stalkerware applications for Android, and a different category of malware targeting IIS servers, which is highlighted in the Featured story section.
Finally, ESET's report includes an overview of a series of recommendations given by the company's researchers and experts over the past few months and presents talks scheduled for Virus Bulletin, AVAR, SecTor and many other conferences. It also provides an overview of ESET's participation in the MITRE Engenuity ATT&CK® assessment, which will focus on the tactics, techniques and procedures used by the Wizard Spider and Sandworm APT groups.
You can read the ESET Threat Report Q2 2021 (PDF) on ESET's blog, WeLiveSecurity.