COVID-19 pandemic sparks 72% ransomware growth, mobile vulnerabilities grow 50%

July 22, 2020

Skybox® Security published the mid-year update to its 2020 Vulnerability and Threat Trends Report. The report analyzes the vulnerabilities, exploits and threats in play over the first half of a year dominated by the chaos surrounding the COVID-19 pandemic. The report, compiled by Skybox® Research Lab, aims to help organizations align their security strategy with the reality of the current threat landscape.

Key findings from the report include:

20,000+ new vulnerability reports predicted for 2020, shattering previous records
50 percent increase in mobile vulnerabilities highlights dangers of blurring line between corporate and personal networks
Ransomware thrives during COVID-19 pandemic, with new samples increasing by 72 percent
Attacks on critical infrastructure, including healthcare companies and research labs, have added to chaos

"The global COVID-19 pandemic has completely reshaped the way that organizations and their employees work," said Ron Davidson, VP of R&D and CTO for Skybox Security. "With the majority of the workforce now working remotely, the network perimeter has significantly widened – securing this perimeter now needs to be a top strategic priority. Organizations need to be able to identify the flaws that sit within both personal and professional devices. They also need to be able to model their expanded network so that they can understand all potential attack vectors. If they do not have these capabilities, then they will not be able to manage the mass of 20,000 new vulnerabilities, leaving them vulnerable to attack; something that they cannot afford at a time of global financial uncertainty."

Also notable in the report is the increase of ransomware's popularity, with the number of new samples rising by 72 percent over the first half of the year.

Sivan Nir, Threat Intelligence Team Leader for Skybox Security, commented on this rise. "We observed 77 ransomware campaigns during the first few months of the pandemic – including several on mission-critical research labs and healthcare companies. The focus and the capability of attackers is clear: they have the means to impart serious financial and reputational harm on organizations. The need for focused remediation strategies that are informed by full network visibility and contextual, data-rich intelligence has never been more pressing."

The report further reveals that the volume of mobile vulnerabilities has increased by 50 percent. This increase is wholly driven by new Android deficiencies (which increased by 110 percent from 230 last year to 484 this year), after the number of new iOS vulnerabilities dropped by 23 percent from 152 to 117. In previous years such an increase may not have concerned security leaders, but after COVID-19 pandemic blurred the line between corporate and domestic spaces it underlines the importance of securing all possible access points, says the report.

To read the full mid-year update to the 2020 Vulnerability and Threat Trends Report, click here.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 October

This month in Security magazine, we explore how Corning's global security group ensured business continuity and employee safety during the global COVID-19 pandemic. Also, we highlight the global security team at Uber and their recent security programs and initiatives. Industry experts discuss travel safety programs, career hackers, working for terrible bosses, group attribution error and more.

View More Create Account

COVID-19 pandemic sparks 72% ransomware growth, mobile vulnerabilities grow 50%

Related Articles

Related Products

Related Events

Report Abusive Comment