In Q2 2020, Nuspire observed the increasing lengths threat actors were going to in order to capitalize on the pandemic and resulting crisis. New attack vectors were created; including VPN usage, home network security issues, personal device usage for business purposes and auditability of network traffic.
In Q3 2020, we’ve observed threat actors become even more ruthless, shifting focus from home networks to overburdened public entities including the education sector and the Election Assistance Commission (EAC).
Many school districts were forced into 100% virtual or hybrid learning models by the pandemic. Attackers have waged ransomware attacks at learning institutions who not only have the financial resources to pay ransoms but feel a sense of urgency to do so in order to avoid disruptions during the school year. Meanwhile, the U.S. Elections have provided lures for phishers to attack. Nuspire witnessed Q3 attempts to guide victims to fake voter registration pages to harvest information while spoofing the Election Assistance Commission (EAC).
Like these examples, cybercriminals taking advantage of prominent media themes are expected. We anticipate our Q4 2020 Threat Report to find campaigns leveraging more of the United States Presidential election as well. This is simply due to the fact that cybercriminals are predictable. Keeping up with the latest threat intelligence can help your organization prepare for current themes and understand your risk.
This report explores recent cybersecurity challenges and presents our findings, analysis and recommendations. Aggregated and correlated data from our enterprise, mid-market client datasets and our partner Recorded Future provide a unique and expert vantage point.