CYBER ATTACK TRENDS: 2020 MID-YEAR REPORT
July 22, 2020
In the past six months, the way we live and work has changed beyond recognition. To put it simply, life on earth has gone online. The change was not gradual but happened seemingly overnight. Almost everything is different now, from the way we conduct relationships and work to the way we do our grocery shopping. Changes of the same order of magnitude can be found in the cyber arena.
The new normal has created challenges alongside opportunities. Infrastructure changes made by companies to allow remote access have also required threat actors to adapt to a hybrid world that integrates cloud technologies. In addition, the rapid spread of the coronavirus and global research efforts to find a vaccine have created new phishing options and made medical research institutions a sought-after target for criminal and state actors.
We will address these effects and other aspects of the threat landscape, while providing examples and statistics from real-world events.
Here are some of the cyber attack trends we discuss:
Ransomware actors have adopted a new strategy; in addition to making the victim’s files inaccessible, they now exfiltrate large quantities of data prior to its encryption in the final stage of the attack. Victims who refuse payment demands find their most sensitive data publicly displayed on dedicated websites.
Nation-state cyber activity has seen a surge in intensity and an escalation in severity. In times when traditional tactics to gather intelligence and knowledge are no longer feasible due to social distancing, the use of offensive cyber weapons to support national missions appears to have expanded. The goal may be a better understanding of the coronavirus or securing intelligence operations, and countries and industries are the targets.
Threat actors have been seeking new infection vectors in the mobile world, changing and improving their techniques to avoid detection in places such as the official application stores. In one innovative attack, threat actors used a large international corporation’s Mobile Device Management (MDM) system to distribute malware to more than 75% of its managed mobile devices.
Industries were required to make rapid infrastructure adjustments to secure their production when working remotely. In many cases, this would not have been possible without cloud technologies. However, it also exposed more misconfigured or simply unprotected assets to the internet. In addition, for the first time, alarming vulnerabilities were revealed in Microsoft Azure infrastructure that could enable attackers to escape VM infrastructure and compromise other customers.