A view of the T2 2021 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
Despite threats seemingly looming around every corner (I’m looking at you, Delta), the past four months were the time of summer vacations for many of us located in the northern hemisphere, providing a much-needed break after the tough start of the year.
I wish the same could be said for the realm of cyberthreats, but as you’ll learn in the following pages, we’ve seen several concerning trends instead: increasingly aggressive ransomware tactics, intensifying brute-force attacks, and deceptive phishing campaigns targeting people working from home.
Indeed, the ransomware scene officially became too busy to keep track of in T2 2021, yet some incidents were impossible to miss. The attack shutting down the operations of Colonial Pipeline – the largest pipeline company in the US – and the supply-chain attack leveraging a vulnerability in the Kaseya IT management software sent shockwaves that were felt not only in the cybersecurity industry.
Unlike the SolarWinds hack, the Kaseya attack appeared to pursue financial gain rather than cyberespionage, with the perpetrators setting a US$70 million ultimatum – the heftiest known ransom demand to date.
However, ransomware gangs may have overdone it this time: the involvement of law enforcement in these high-impact incidents forced several gangs to leave the field. The same can’t be said for TrickBot, which appears to have bounced back from last year’s disruption efforts, doubling in our detections and boasting new features. Emotet, on the other hand, following a final shutdown at the end of April, disappeared from the scene, reshuffling the whole threat landscape.
But that’s just a part of the developments seen in our telemetry – I invite you to read the Statistics & Trends section of this report to see the full picture.
The past four months were fruitful in terms of research, too. Our researchers uncovered – among others – a diverse class of malware targeting IIS servers; a new cross-platform APT group targeting both Windows and Linux systems; and a myriad of security issues in Android stalkerware apps.
They also took a closer look at the activities of the Gamaredon group, the Dukes, and the highly targeted DevilsTongue spyware, with the latter findings presented exclusively in this report.
With their deep dive into IIS malware and stalkerware, ESET researchers made it to Black Hat USA and the RSA Conference – you can find wrap-ups of their talks in the final chapter of this report. For the upcoming months, we’re happy to invite you to ESET talks at Virus Bulletin, AVAR, SecTor, and many others.