A COVID-19 domain is blacklisted every 15 minutes, while 35 COVID-19 spam emails are analyzed per minute.
That’s according to research by RiskIQ, which determined the top threats in 2020 and discovered that cybercrime costs organizations around $24.70 every minute, while the average cost of a malicious attack is $4.95 a minute. Therefore, cybercrime will have a per-minute global cost of $11.4m (£8.7m) by 2021, a 100% increase since 2015.
“These stats show threat activity is widespread, but also show the power of threat intelligence in defending the enterprise,” said RiskIQ CEO Lou Manousos. “More knowledge, greater awareness and an increased effort to implement necessary security controls make a huge difference in stopping these threat actors in their tracks.”
Statistics showed there are 375 new threats every minute, a new vulnerability disclosed every 24 minutes and 16,172 records compromised per minute. There is also a new Magecart attack, the credit card skimming attack vector RiskIQ initially discovered in 2018, every 16 minutes,
Asked how many COVID-19 domains they typically see in a day, Steve Ginty, director of threat intelligence at RiskIQ, said: “We see thousands of new COVID-19 domains stood up each day. Attackers always use current events in their campaigns, and something as ubiquitous and impactful has COVID-19 has proven to be particularly useful to them, which is why we see such a large-scale proliferation of threat infrastructure related to COVID-19.”
With regards to the Magecart attacks, Ginty said RiskIQ systems detect dozens of instances of Magecart activity every day. “We are unable to tell how many victims attackers claim in these attacks, but getting their code onto a website is their primary goal and a good indicator that malicious activity has taken place,” he said.