Nearly 47% of all publicly disclosed security incidents took place in the United States: 2020 threat landscape report.

Cybercriminals’ quick adaptation to exploit the pandemic has become the dominant theme of the 2020 threat landscape.

Consistent with this trend, cybersecurity firm McAfee observed what began as a trickle of phishing campaigns and the occasional malicious app turn into a surge of malicious URLs and capable threat actors leveraging the world’s interest in COVID-19 as an entry mechanism into systems across the globe.

In its COVID-19 Threat Report released recently for Q1 2020, McAfee Labs saw an average of 375 new threats per minute, and a surge of cybercriminals exploiting the pandemic through COVID-19 themed malicious apps, phishing campaigns, malware, and more.

New PowerShell malware had increased 688% over the course of the quarter while total malware grew 1,902% over the past four quarters. Disclosed incidents targeting the public sector, individuals, education and manufacturing increased; nearly 47% of all publicly disclosed security incidents took place in the United States.

Summary of Q1 2020 cybercrime

Malware overall
New malware samples slowed by 35%; total malware increased 27% over the past four quarters. New Mac OS malware samples increased by 51%.

Mobile malware
New mobile malware increased by 71%, with total malware growing nearly 12% over the past four quarters.

Regional targets
Disclosed incidents targeting the Americas increased 60%, incidents targeting Asia-Pacific increased 27%, while Europe decreased 7%.

Security incidents
McAfee Labs counted 458 publicly-disclosed security incidents, an increase of 41% from Q4. Some 50% of all publicly-disclosed security incidents took place in North America, followed by 9% in Europe. Nearly 47% of all these incidents took place in the United States.

Vertical industry targets
Disclosed incidents targeting the public sector increased 73% individuals increased 59%, education increased 33%, and manufacturing increased 44%.

Attack vectors
Overall, malware led disclosed attack vectors, followed by account hijacking and targeted attacks.

Cryptomining
New coinmining malware increased 26%. Total coinmining malware samples increased nearly 97% over the past four quarters.

Fileless malware
New JavaScript malware declined nearly 38%, while total malware grew nearly 24% over the past four quarters. New PowerShell malware increased 689%; total malware grew 1,902% over the past four quarters.

IoT
New malware samples increased nearly 58%; total IoT malware grew 82% over the past four quarters.

Data breaches: the new ransomware attack

Over the course of the first quarter of 2020, McAfee observed malicious actors focusing on sectors where availability and integrity are fundamental—for example manufacturing, law and construction firms. “No longer can we call these attacks just ransomware incidents. When actors have access to the network and steal the data prior to encrypting it, threatening to leak if you don’t pay, that is a data breach,” said Christiaan Beek, senior principal engineer and lead scientist, McAfee.

“Using either weakly-protected Remote Desktop Protocol or stolen credentials from the underground, we have observed malicious actors moving at lightspeed to learn the network of their victims and effectively steal and then encrypt their data.”

New ransomware had declined 12% in Q1; total ransomware increased 32% over the past four quarters.