Nuspire, a managed security services provider (MSSP), announced the release of its 2021 Q1 Threat Landscape Report. Sourced from its 90 billion traffic logs, the report outlines new cybercriminal activity and tactics, techniques and procedures (TTPs) with additional insight from its threat intelligence partner, Recorded Future.
“As companies return to a hybrid workplace, it’s crucial that they are aware of the evolving threat landscape,” said Craig Robinson, program director, Security Services at IDC. “The data highlighted in this threat report by Nuspire and Recorded Future shows that security leaders need to stay vigilant as threat actors see opportunity in the continued era of remote access.”
In Q1 2021, Nuspire witnessed a 1,916 percent increase in attacks against Fortinet’s SSL-VPN and a 1,527 percent increase in Pulse Connect Secure VPN. These vulnerabilities allow a threat actor to gain access to a network. Once they are in, they can exfiltrate information and deploy ransomware.
Because of the significant increase in VPN and RDP vulnerabilities, Nuspire’s threat report discovers malware, botnet and exploitation activity are down compared to Q4, but threat actors are still on the prowl. Additional notable findings from Nuspire’s 2021 Q1 Threat Landscape Report include:
- Emotet botnet activity dropped -99.96 percent after the announcement of law enforcement seizing their infrastructure. This is likely attributed to the shutdown of the command-and-control infrastructure through a global initiative as announced by Europol during Q1.
- ZeroAccess Botnet activity surged during one week by 619,460 percent before trailing down into end of the quarter.
- SMB Login Brute Force attempts contained 69.73 percent of all exploit activity witnessed in Q1. Similar to the observed activity in Q4, these attacks came in a very active “wave” near the end of the quarter.
Learn more about protecting your organization from increasing cyber threats and download Nuspire’s 2021 Q1 Threat Landscape Report.