Amid COVID-19, Cyber Criminals Push Phishing, Ransomware Scams

June 16, 2020

There was a 25% spike in ransomware attacks in the first quarter of 2020 versus the fourth quarter 2019, based on incidents reported to in-house breach response team for insurer Beazley’s Breach Response (BBR) Services.

While nearly all industries reported incidents, the manufacturing sector was the hardest hit with a 156% increase in incidents quarter-over-quarter, according to the specialist insurer.

Although manufacturing saw the biggest rise in ransomware incidents, the most affected sectors continue to be financial services and healthcare, which together accounted for half of all ransomware attacks reported to Beazley in the first quarter.

Ransomware attacks against vendors and managed service providers (MSPs) continued to pose problems in Q1 2020, and not only for the targeted business but often their downstream clients, too. Banks and credit unions and healthcare organizations were particularly hard hit as a result of attacks against MSPs.

Pandemic impact

As attack groups turned their attention to ransomware, business email compromise (BEC) incidents reported to Beazley declined 16 percent in the first quarter as compared to the previous quarter. However, the insurer cautions, the issue has certainly not gone away — a possible reason for the decline may be that fewer email compromises have been identified and reported due to the disruption caused by COVID-19.

Phishing attacks, however, have soared during lockdown, according to security awareness training experts, KnowBe4. This firm’s research has tracked myriad ways that cyber criminals are using phishing scams to steal personally identifiable information through fake emails and texts designed to look like official COVID-19-related information.

“Cyber criminals are preying on people’s heightened anxiety during this pandemic, tricking them into clicking and sharing links that steal information,” said Katherine Keefe, head of BBR Services.

Keefe also said that those working from home may have weaker IT security than corporate networks typically provide. “Organizations must ensure their security systems and protocols are up to date and ensure that colleagues working from home are extra vigilant,” she said.

The full Beazley Breach Insight includes advice on how to protect organization from phishing attacks.

Was this article valuable?

Here are more articles you may enjoy.