Nuspire, a leading managed security services provider (MSSP), reports a sharp rise in cyberattacks against VPN connections during Q1 of 2021. The company noted a 1,527% increase in Pulse Connect Secure VPN attacks and a nearly 2,000% increase in attacks aimed at Fortinet’s SSL VPN.
Due to the new reality of home confinement caused by the outbreak of COVID-19 and the related lockdown measures, a large portion of the world’s workforce switched to working from home. During the remote working period, many started leaning heavily on the use of VPN servers. As a result, Nuspire reported a significantly higher number of attacks on VPNs in its latest Threat Report from June 14.
“2020 was the era of remote work, and as the workforce adjusted, information technology professionals scrambled to support this level of remote activity by enabling a wide variety of remote connectivity methods,” said J.R. Cunningham, Nuspire’s chief security officer. “This added multiple new attack vectors that enabled threat actors to prey on organizations, which is what we started to see in Q1 and are continuing to see today,” he added.
Other findings published in the report include a massive 99.96% drop in the activities of Emotenet bots due to the law enforcement in several countries seizing its server infrastructure and shutting it down.
ZeroAccess botnet, whose activity previously surged to massive numbers, also recorded a significant decrease by the end of Q1 2021. As earlier threat reports indicate, this is not unusual for ZeroAccess, which tends to have massive growth spikes followed by months of stagnation.
Nearly 70% of all exploit activity during the first quarter of 2021 could be attributed to SMB Login Brute Force attempts, with the attacks intensifying as the quarter drew to a close.
Overall exploit activity decreased by 21.76% in Q1 2021 compared to the final quarter of 2020, while malware activities saw a massive 54.47% drop during the same period.
Nuspire is a managed security services provider focused on cybersecurity. Equipped with comprehensive services for detecting, responding to, and remediating cyber threats in real-time, the company delivers cyber protection based on thorough research and regularly publishes its reports on malware activity.