Last year, right about this time, we thought about the upcoming year and what we could expect to see from threat actors. We also had great hopes for leveraging the 20/20 Vision theme as we looked forward.  (I mean, how could we not tap into this theme with the launch of our own product appropriately named, Cofense Vision™ ?)  

And yet, here we are, looking back to determine how well we did with our predictions.  

 #1 Surgical Ransomware Attacks. Attackers will continue to choose their targets carefully to reap big payouts. Last year, we saw ransomware targeting state and local governments, with ransom payments escalating. This year, we saw a shift in tactics used by threat actors, sifting out data to ensure payment. In late October, we saw the U.S. authorities warn the healthcare industry with an alert of threat actors targeting the sector. Cofense quickly dug into the threat only to find the tactics were being used across multiple industry sectors. Read the Flash Alert post here. 

😐 #2 Healthcare and Genetic Testing Companies Will be Rich Targets for Monetizing Data. Genetic testing companies will be the healthcare industry’s bullseye. While we missed the mark with this prediction, we did see some healthcare entities targeted in data breaches, along with genetic testing facilities. Perhaps this would’ve been different if the focus hadn’t shifted to another world health concern. 

 #3 Elite Attacks on Cryptocurrency. Protecting cryptocurrency will require humans and technology. With greater focus on the cryptocurrency market and increasing value, we anticipated this would be a rich target for threat actors looking to rob the virtual bank – either targeting the exchanges or the individuals. As recently as November, we heard about Liquid confirming their exchange had suffered an attack. 

❌ #4 Info-Warfare that Tests Human Intuition. Whether fraud-for-profit or fake news, expect info to be more weaponized than ever. Heading into the U.S. presidential election, there was much anticipation of a repeat of the 2016 chain of events, beginning with a phishing email. With a greater focus from many entities within the public sector, as well as social media sites being more diligent and exacting tighter controls, we didn’t see an impact this year – which is a positive!

 #5 SIM-Jacking Aimed at Cryptocurrency and More. These inside jobs are another way to jack consumers, including you. Near the end of last year, we started to learn of incidents where telecom employees were making a quick buck to perform a simple task of swapping out a SIM card in order to gain access to an individual’s cryptocurrency account. Without fail, with the value of cryptocurrency continuing to climb, we did indeed see more of this threat.

But we can’t talk about 2020 without a mention of this year’s black swanthe coronavirus pandemic. While nobody could’ve predicted the pandemic, it was certainly a theme that threat actors didn’t shy away from in their lures and tactics. When it came to phish related to COVID, threat actors elevated their confidence by spoofing many of the legit authorities the world trusted for news from WHO to the CDC, while also targeting economic relief backing such as the U.S. Paycheck Protection Program (PPP) or UK HMRC.

All third-party trademarks referenced by Cofense whether in logo form, name form or product form, or otherwise, remain the property of their respective holders, and use of these trademarks in no way indicates any relationship between Cofense and the holders of the trademarks. Any observations contained in this blog regarding circumvention of end point protections are based on observations at a point in time based on a specific set of system configurations. Subsequent updates or different configurations may be effective at stopping these or similar threats. 

The Cofense® and PhishMe® names and logos, as well as any other Cofense product or service names or logos displayed on this blog are registered trademarks or trademarks of Cofense Inc.