The economics behind the current COVID-19 pandemic creates gateways for possible cybersecurity intrusions, and consumers and small business owners (SMB) are among the most affected, according to a survey from IBM Security and Morning Consult.
There has been a steady rise in COVID-19 scams and attacks since the novel coronavirus pandemic went global in February. Traditional cybercriminals, as well as APT groups, have been exploiting the situation and will likely continue until COVID-19 is no longer a front-page news item. The attack techniques look familiar: phishing, vishing, malicious apps, malicious domains, and crafty SEO techniques, along with social engineering techniques designed to entice people to click on links or attachments to install malware or steal login credentials.
A critical vulnerability has been patched in the Microsoft Teams work collaboration platform after security researchers discovered a way in which hackers could compromise accounts and steal data with something as seemingly harmless as an animated .GIF image.
Amid the turmoil and confusion surrounding the COVID-19 pandemic, companies were forced to hastily implement solutions that could allow employees to shift to telework overnight, creating extensive opportunities for bad actors and insider threats to flourish.
Ransomware attacks are more common than previously thought in the small and medium business (SMB) community, with 46% of SMBs reporting falling victim to the data-crippling malware. 73% of those targeted have actually paid a ransom, new research shows.
Companies with an online presence are directly affected by bad bot traffic, forcing them to divert essential resources to deal with a problem that’s becoming increasingly larger. Just in 2019, 24.1% of the entire Internet traffic came from bad bot traffic.
According to the Protenus Breach Barometer report, there’s been a steady increase in healthcare related data breaches over recent years. Last year, there were 572 healthcare data breaches within U.S.-based healthcare industry. That’s up from 450 in 2016. When it comes to patient records leaked, they rose as well, reaching 41 million in 2019 from 15 million in 2018. According to the report, at least since 2016, there has been one healthcare data breach reported a day.
As the coronavirus pandemic forces enterprises to reshape their strategies, remote is slowly becoming the new normal. Platforms once united under a single firewall have now turned into scattered endpoints, and coherent threat defenses have to cover more ground than ever. While security experts struggle to keep threats at bay, one thing is becoming clear: your data is not safe anymore!
The new business realities created by the coronavirus pandemic include unprecedented numbers of people working from home or from other remote locations.
Enterprise endpoints (laptops, workstations, servers, mailboxes, etc.) have historically been a primary vector of cyberattacks that led to major security incidents and breaches. The latest Verizon Data Breach Investigations Report testifies that user devices were involved in 30% and servers – in 63% of data breaches. Ponemon Institute’s 2020 “Study on the State of Endpoint Security Risk” covering 671 IT security professionals reports that 68% of organizations suffered “an endpoint attack that compromised data assets and/or IT infrastructure in the last 2 years.”
As bad actors ramp up phishing campaigns against remote workers, Chief Information Officers (CIOs) across the globe are finding that their employees are using previously undiscovered computing devices daily or weekly.
If you think the COVID-19 epidemic means a respite from cyberattacks against companies, you’d be wrong. If anything, the situation is worse, as organizations divert resources to other parts of the business, leaving their infrastructure exposed. And the proof of that is the flurry of attacks against hospitals.
