The newly-issued Skybox Security 2020 Vulnerability and Threat Trends Report is out this morning, analyzing the vulnerabilities, exploits, and threats active in 1H:2020 in the chaos surrounding the COVID-19 pandemic. Among key findings:
- 20,000+ new vulnerability reports predicted for 2020, shattering previous records
- 50% increase in mobile vulnerabilities highlights the dangers of blurring the line between corporate and personal networks
- Ransomware thrives during COVID-19 pandemic, with new samples increasing by 72%
- Attacks on critical infrastructure, including healthcare companies and research labs, have added to the chaos.
The increase in mobile vulnerabilities highlights what will be an ongoing challenge to security teams. We have been successful in moving users from the office to remote working, but users at home need to be treated differently from when they are working in an office. Home IoT devices, family members using computers and even home broadband/Wi-Fi connections all are outside corporate visibility and introduce a new attack vector that needs to be managed. For many users, a simple VPN is no longer enough. The money saved from people who decide not to return to the office must be invested in ensuring they are safely working from home.
The report from Skybox shows that cybercriminals are no strangers to the adage ’Don’t waste a crisis.’ While it is disappointing to see malicious actors take advantage of a global health crisis that’s killed over half a million people, it’s not a surprise. Users and organizations need to be extra vigilant during this period, as we are still getting used to the new normal of working remotely. Information security teams need to make sure they have the right tools and processes in place and make improvements where they can. For example, advanced security analytics tools can help security operations identify and focus on the highest risk events and identify new attack vectors throughout the environment.
Ransomware and phishing attacks have increased during the current pandemic, especially with the economy putting everyone in a vulnerable place. Bad actors are attacking institutions, organizations, and individuals. It’s hard to think about it this way but sometimes malicious actors are in dire situations or need funds, just as we all do. Perhaps someone’s lost a job and with COVID-19 and the spike in joblessness, we see how underlying human element issues can play a significant role in attack waves – the world isn’t just black and white. In this surreal time where it’s difficult to predict what’s next, malicious actors see that burnout is high, remote working has added some levels of disorganization, and people, in general, are distracted, stressed, and more apt to click on bad links.
When targets are overwhelmed and at the edge of their seats during this C-19 crisis, phishing attacks and the ransomware they often enable are far more likely to succeed – it’s human nature. Malicious actors understand the human element and are opportunistic, and C-19 is a big opportunity for them.