What stood out in 2020 was an attack aimed at intrusion–Trend Micro summarized

Trend Micro has released a report on security trends in 2020, “2020 Annual Security Roundup: Attacks inside and outside the perimeter that threaten Corona’s corporations.” Attacks that break into corporate and home networks are prominent. The number of cyber attacks from the Internet side to home networks observed by the company in 2020 increased by 1.3 times from 1,141,285 units in the previous year to 1,492,409 units. It is said that the majority were login attempts by brute force attacks, and the tendency to target user authentication information has increased. Attacks on the Internet side from home work The number has increased from 167,498 units in the previous year to 228,215 units, and it can be seen that terminals connected to the home network are infected with malware and are sending unauthorized communications.

Changes in the number of routers that detected events that suggest attacks, worldwide: 2019-2020, Source: Trend Micro Corporate networks also have an average of more than 100,000 attacks targeting vulnerabilities in major VPN products per month. According to the company’s incident response, about 30% of the intrusion routes were via the remote desktop protocol, and 10% were attacks that exploited the vulnerability of the internal system server. The number of leads to fraudulent websites, including phishing, reached a record high of more than 25 million in Japan, and it was confirmed that they were disguised as EC sites and Microsoft 365. In addition, in the ransomware attack, the damage caused by exposing confidential information on the Internet reached more than 1,400 organizations (26 organizations in Japan) in the world, and the top three industries were government agencies / public, banks, and manufacturing.

Changes in the number of users guided to fraudulent sites from Japan, Source: Trend Micro

Changes in the total number of organizations confirmed on the ransomware exposure site, Source: Trend Micro The company’s network boundaries inside and outside the organization have become ambiguous due to the spread of telework and cloud utilization due to the corona disaster, and “2020 is It can be said that this is the year when the borderline defense has collapsed. “On the premise of intrusion, it is important to have a mechanism to determine whether communication is permitted or not, based on rules and policies, and combining knowledge such as attack methods. It is supposed to be.