Another year under the sign of threats from phishing and malware
Ten post dostępny jest także w języku: polski
According to CERT Orange Polska’s 2020 report, the Cyber Shield protection system on Orange’s network aggregated over 40 million times last year, while protecting 3.5 million users. Cybercriminals used the current pandemic situation to achieve their goals, and phishing and malware attacks were again behind most of the threats on the network.
Phishing is a major threat
Phishing, which is a method of fraud in which a criminal impersonates another person or institution in order to obtain confidential information, was again the most common online threat in 2020. According to the analyzes of CERT Orange, last year there were over 40 million attempts to access websites containing this type of threat. New for both cybercriminals and their potential victims of cyber attacks was the situation related to the Covid-19 pandemic. Messages from courier companies, commercial portals and instant messengers using the current situation to infect a private device have become commonplace.
The year 2020 was also distinctive in terms of the reach and effectiveness of phishing campaigns. One in five Orange internet users who were exposed to fake sites due to SMS phishing campaigns attempted to link to a single domain. In contrast, 5% of dominant domains lured as many as 82% of users.
“Phishing, including phishing for payment card details via social media and instant messaging, by far dominated the threats we saw in 2020. Malware, too, accounted for a sizable percentage of all threats compared to 2019. Mobile bankers, aggressive campaigns of Emotet, extinguished by Europol earlier this year, data theft, or ransomware are also a significant item in the incident analysis and feeding our Cyber Shield,” says Robert Grabowski, head of CERT Orange Polska.
Malware is also dangerous
The second most common method used by cybercriminals in 2020, after phishing, was malware. Moreover, this type of threat has seen the largest increase in the share of individual cyber threats over the year – from 11% in 2019 to nearly 25% in 2020. As in pshishing, in most cases, cybercriminals used the pandemic to infect devices.
The next most common threats are DDoS attacks, which are responsible for over 20% of all threats in the network. In this case, CERT Orange Polska experts pay attention to shorter and shorter attacks with more and more power. As they emphasize, most DDoS attacks lasted less than 10 minutes.
The report also highlights the strongest cyber attack that occurred in 2020. During that period, the Cyber Shield protection system recorded an attack of 303 Gbps. Interestingly, this result was surpassed in March 2021, where there were two attacks of more than 400 Gbps. As Orange points out, all were repelled.