How has covid-19 impacted the overall security landscape compared to other threats?

As the Covid-19 spreads around the world, attackers are exploiting Covid-19 to launch various cyber-attacks. The delivery of spam emails with malware and attacks targeting vulnerabilities in specific VPN devices have increased. As peopleʼs lives, especially work styles, shifted to work from home, the targets of attackers also changed. In this presentation, we will show you how the Covid-19 has a greater impact on overall security landscape compared to other threats.

It was found that the number of attacks exploiting vulnerabilities in SSL-VPN devices increased sharply in 2020 compared to 2019 before Covid-19. We will explain the vulnerabilities of each device and the attack method by using ransomware in detail. About 25% of all ransomware victims were caused by VPN devices.

Since March 2020, spam emails related Covid-19 that have been continuously confirmed around the world. Attackers put keywords such as masks, financial aid, and vaccines in the body of the email to make people open the email. We will introduce that how attackers are taking advantage of peopleʼs psychological states. In addition, we found that the adversary had something in common in their spam emails and malware that helps further categorizing processes.

Learning from past incidents is important for finding sophisticated threats. However, in most cases, detailed information on past incidents is not disclosed. Therefore, we will explain that how to find threats from cases of traces recorded by the attackerʼs TTPs and malware behavior.