1. Comment
April 1, 2021

Cybersecurity trends: Malware leads Twitter mentions in Q4 2020

By GlobalData Technology

Malware leads as Verdict lists the top five terms tweeted on cybersecurity in Q4 2020, based on data from GlobalData’s Influencer Platform.

The top tweeted terms are the trending industry discussions happening on Twitter by key individuals (influencers) as tracked by the platform.

1. Malware – 1207 mentions

New malwares threatening bank accounts, abusing android devices and macOS devices were popularly discussed in Q4 2020. Bob Carver, a cybersecurity threat intelligence and analytics principal in Verizon, discussed a new variant of malware called Vizom being used by hackers across Brazil to attack bank account holders. He shared an article that highlights a research carried out by technology company  International Business Machines Corporation’s (IBM’s) security researchers, on the malware.

The research found that Vizom pretends to be a video-conferencing software and compromises the devices of the users in real-time through remote overlay techniques and dynamic link library (DLL) hijacking, once downloaded in a Windows PC of the user. Further, it hijacks the computer’s operating system and compromises the online banking service accessed by the user.

The term was also tweeted by Sam Bowne, a security and hacking instructor at City College San Francisco, to share an article revealing a new Android malware WAPDropper that targets Southeast Asian Android users. WAPDropper was discovered by the security firm Check Point who revealed that the malware signs them up for premium phone numbers, after infecting the user’s device and charges high fees for several services, a tactic popularly known as WAP fraud. The user receives high phone bills every month until they unsubscribe or report the issue to the provider.

Vishal Sharma, a security expert, also discussed the term with reference to a Windows-based remote access malware known as GravityRAT that infiltrates users’ computer in the disguise of legitimate Android and macOS apps and steals users’ data. The malware targets Indian organisations through malware-infected Microsoft Office Word documents and has evolved to get through anti-malware evasion processes.

2. Phishing – 666 mentions

The threat of phishing attacks on brokerage firms, new phishing campaigns, and Covid-related email subjects being the biggest threat in phishing scams, were popularly discussed during the quarter. Adam Levin, founder of CyberScout, a cybersecurity providing company, shared an article on the US Financial Industry Regulatory Authority (FINRA) warning member brokerage companies about widespread phishing attacks that use surveys to extract information. For example, a phishing email was sent from a fake FINRA domain asking member companies to fill a survey by 13 October 2020 to update its conduct and supervisory rules, the article noted.

Andrew Hay, a cybersecurity strategist and data scientist, further discussed the term in relation to a new phishing campaign that installs an Office 365 consent app using Coinbase-themed email to provide attackers access to a victim’s email. Hackers have been increasingly using the Microsoft Office 365 OAuth apps, also known as consent apps, to hack into users’ personal information via email accounts, the article highlighted. These consent apps allow third-parties access to a user’s email account to perform actions on their behalf, and are used for spam filtering, calendaring, or antivirus scanning.

The term was also discussed by Chuck Brooks, president of Brooks Consulting International, a government relations and marketing firm, who shared an article on how phishing scams threats have increased with Covid-19 related email subjects. Research conducted by KnowBe4, a security awareness training and phishing platform, revealed that phishing test messages related to coronavirus were most popular, amounting to a total of 50% in Q3 2020, the article detailed.

3. Covid-19 – 577 mentions

Rising incidences of cyberattacks during the Covid-19 pandemic, increasing vulnerability of workers to cybercrimes, and Covid-19 vaccine research firms being targeted by Russian and North Korean hackers, were primarily discussed during Q4. Infosecurity Magazine, an information technology-based magazine, discussed how a PwC study highlighted 21% of workers in the UK to feel more vulnerable to cybercrime since the Covid-19 outbreak. About 22% felt their personal details were compromised when they shared data with hospitality providers such as pubs and restaurants for contact tracing purposes. The study also found 19% of the people to believe that they lacked the skills and training to avoid a cybercrime while working from home.

Bob Carver, further shared an article on how the delayed or cancelled security deployment projects during the Covid-19 pandemic are compromising the data security of organisations, resulting in increased cyberattacks. The Covid-19 crisis will lead to multiple cases of advanced hacking, phishing, and corporate data breaches, the article noted. According to security specialists, information security deployments should not be delayed.

Sean Harris, a cybersecurity expert, also shared an article on technology company Microsoft alerting governments across the world against the North Korean hackers such as Cerium and Zinc, and the Russian hacker Strontium targeting Covid-19 vaccine research firms. These attacks are taking place across the US, France, Canada, India, and South Korea using credential stuffing, brute-force, and spear-phishing attacks, the article detailed. A majority of the attacks are being blocked by Microsoft’s security protections that are built into its products, while the company has alerted organisations on possible attacks.

4. IoT – 537 mentions

The impact of the Internet of Things (IoT) on the progress of businesses post pandemic, usage of a new botnet to erase information on infected devices, and Nokia’s warning on the doubling of IoT malware infection, were popularly discussed in the last quarter of 2020. Help Net Security, a cybersecurity magazine, shared an article on how IoT is supporting businesses to improve during the pandemic. According to the report, about 77% of the businesses having adopted IoT have increased their pace of projects, while 84% of the adopters described integration of IoT in their business as crucial to continue during the pandemic. Despite cybersecurity risks, businesses are willing to adopt the technology for high return of investments, the article noted.

Adam Levin, a cybersecurity expert, further discussed the term with reference to a new botnet named HEH that can delete data from infected systems such as IoT devices, routers, and servers. Developed by Netlab, a security researching company, the botnet proliferates using Telnet brute-force attacks against any system connected to the Internet. It runs Shell commands on the infected systems and erases the data from them, the article detailed.

IoT was also discussed by Yotam Gutman, marketing director at SentinelOne, a computer and network security firm, who shared an article on Nokia’s latest threat intelligence report that revealed the accelerated rate of cyberattacks with increasing IoT adoption. According to the article, Windows PC’s recorded the highest infection rate of 38.9%, followed by 32.7% of the IoT devices on mobile networks, up from 16.2% in 2019, the article highlighted.

5. Cloud – 470 mentions

Pandemic-induced shift towards cloud-based cybersecurity and zero trust architectures, the launch of software-as-a-service (SaaS)-based suites for cybersecurity across endpoints, cloud and web, and cloud environment complexity having surpassed human ability to manage, were popularly discussed in Q4 2020. Jane Frankland, a cybersecurity executive, discussed the importance of organisations adopting security standards that build security in right from the start and carefully monitor vulnerabilities.

As the pandemic has accelerated a shift to cloud-based cyber-security and zero trust architectures, it is crucial for organisations to include zero trust in the design of the new cloud infrastructure to track users’ access to information within an organisation, the discussion revealed.

Cloud was discussed by Sean Harris about McAfee releasing SaaS suites to protect and simplify digital transformation with the help of the MVISION portfolio for customers adopting a cloud first stance and requiring simple device-to-cloud protection. The McAfee Device-to-Cloud suites offers end-to-end protection for modern environments, the article detailed.

The term was also discussed by Neira Jones, a payment and information security expert, on how 63% of chief information officers (CIOs) stated that the complexity in the cloud environment has exceeded human’s ability to manage it. The article details how the need for digital transformation has pressurised digital teams, while as much as $4.8m have been spent every year by nearly half of the IR and cloud operations teams. About 74% of the CIOs further believe that the accelerated use of cloud-native technologies will put humans under extreme pressure in the years ahead.