Cyber Crime & Cyber Security 2020 – what you may have missed in the news

With all the headlines surrounding COVID-19, the issues of cyber crime and cyber security have really disappeared to an extent, but that does not mean that the year was any quieter − quite the opposite. As usual, in 2020 the number of cyber attacks has noticeably increased. The situation created by COVID-19 came at just the right time for cyber criminals, as it resulted in an increase in online shopping − a real goldmine for hackers. The same is true of working from home, because many companies were inadequately prepared for the rapid changeover in terms of security. In this blog post, you will read some of the news about cyber crime and cyber security that you may have missed in 2020.

Cyber attacks against the background of COVID-19

Cyber criminals were arguably amongst the few who benefited from the Coronavirus crisis. As previously explained, for example, they benefited from the increase in online transactions and the home office infrastructure, which is often not sufficiently secure. In actual figures:

• Cloud-based attacks rose by 630 % between January and April.
• Since the end of February, 600 % more phishing attacks were recorded.
• In March alone, hacker websites and forums attracted around 66% more visitors.
• Ransomware attacks grew by 148 % in the same month.
• The average value of ransomware payments was 33 % higher than in Q4 2019; specifically, just over CHF 100,000.

Horrifying, isn't it? As is so often the case in cyber crime, the number of unreported cases is definitely much higher...

The most common kinds of attack in 2020

Even people working in cyber security sometimes lose track of all the different types of attacks. It's not surprising, as the list is getting longer and longer. The following is an overview of the most common, most dangerous types of attacks carried out in 2020:

• Malware: The term malware covers a hotchpotch of different viruses, worms, etc. that infiltrate computer systems and once they are there, cause damage. Research has shown that in comparison to last year, the number of malware attacks has doubled. The leaders in this field are the ransomwares REvil, Sodinokibi, Nephilim and Ryuk.
• (Spear) phishing: Depending on the source, between 30 % and 60 % of cyber attacks were due to phishing and social engineering, with spear phishing being the most popular in 2020. In Q2 and Q3, the number of phishing attempts even went up fivefold. This year, a staggering 94% of all malware was sent via phishing.
• DoS & DDoS: A Distributed-Denial of Service attack (DDoS) is a distributed DoS attack. This leads to the IT infrastructure being overloaded, resulting in the server no longer being available. Especially in online trading, the consequences can be fatal if the website stops working. According to a study, there were 4.83 million (!) DDoS attacks in the first half of 2020.
• MitM: The familiar "man-in-the-middle attack" also caused damage. In this kind of attack, the attacker simulates an access point and intervenes between two communicating parties (e.g. computer and Wi-Fi router). Once the victim's device connects to the Wi-Fi, the hacker can access it.

Cyber security & cyber crime have a budgetary impact

It is common knowledge that robust cyber security does not come cheap. All the same, many companies save money on cyber security in the wrong places, as the costs that are incurred as a result of a cyber attack can be far greater than the cost of prevention. The assessment of our partner Varonis even comes to the conclusion that worldwide only 5 % of the companies have adequate security.

• Experts estimate that in 2021, cyber crime will cost us around 6 trillion euros worldwide and will be one of the biggest challenges over the next two decades.
• The cost of cyber attacks is constantly rising. In 2019, each cyber attack (in Germany) cost an average of around € 9,000, and by 2020 the figure had already risen to € 51,200! Unfortunately, we haven’t found figures available for Switzerland, but the amount is likely to be in a similar range.
• Unfortunately, one of the consequences of the Corona crisis is that many companies have been reluctant to invest, and unfortunately this also applies to cyber security. According to Gartner, large companies in particular have seen their overall expenditure fall by over a quarter. What is particularly worrying is that one company in ten has stated that, deliberately and also independent of COVID-19, were looking to reduce their spend on cyber security because they saw no need for it. (We hope you are not one of them). Fortunately, around 70 % of all companies surveyed are still planning to increase spending in the next three years. If that's not just a good resolution!

No virus will stop cyber criminals

What 2020 has shown is that it's not just humans who are under threat from viruses. The multifarious growing cyber risks in our highly networked world are also a threat. Given the terrible economic consequences of COVID-19, it is high time to take serious measures to combat cyber crime.

What is your own experience? Have you been spared or have you also had to fight cyber attacks? Either way, in 2021 cyber security should be at the top of your agenda. If you still need to find an experienced partner to accompany you, then get in touch with us. We have more than 150 employees who are experts in sectors such as audits, consulting, penetration testing, architecture and the integration of leading network and security solutions. We provide comprehensive cyber defence services from our ISO 27001 certified Cyber Defence Center (CDC).