New vulnerabilities exposed as IT teams respond to the pandemic

October 16, 2020

A new Incident Response (IR) threat report by Secureworks reveals that cybercriminals are targeting vulnerabilities created by the pandemic-driven worldwide transition to remote work. The report is based on hundreds of incidents the company’s IR team has responded to since the start of the pandemic.

While initial news reports predicted a sharp uptick in cyber threats after the pandemic took hold, Secureworks data on confirmed security incidents and genuine threats to customers show the threat level is largely unchanged. Instead, major changes in organizational and IT infrastructure to support remote work created new vulnerabilities for threat actors to exploit.

The sudden switch to remote work and increased use of cloud services and personal devices significantly expanded the attack surface for many organizations. Facing an urgent need for business continuity, many companies did not have time to put all the necessary protocols, processes and controls in place, making it difficult for security teams to respond to incidents.

Threat actors—including nation-states and financially-motivated cyber criminals—are exploiting these vulnerabilities with malware, phishing, and other social engineering tactics to take advantage of victims for their own gain. One in four attacks are now ransomware related—up from 1 in 10 in 2018—and new COVID-19 phishing attacks include stimulus check fraud.

Additionally, healthcare, pharmaceutical and government organizations and information related to vaccines and pandemic response are attack targets.

The Secureworks Incident Response report provides specific recommendations for how organizations can strengthen their defenses by tuning their processes and tools for work-from-home environments.

Barry Hensley, Chief Threat Intelligence Officer, Secureworks, notes, “Against a continuing threat of enterprise-wide disruption from ransomware, business email compromise and nation-state intrusions, security teams have faced growing challenges including increasingly dispersed workforces, issues arising from the rapid implementation of remote working with insufficient consideration to security implications, and the inevitable reduced focus on security from businesses adjusting to a changing world.”

Ransomware and the propulsion of the extortion economy has rapidly eclipsed into a national priority. Recently, we observed the catastrophic impact of a widescale ransomware attack impacting gas pipelines and raising national gas prices overnight.

This webinar will cover additional, and often overlooked, security risks and mitigation strategies for cannabis businesses, including vaults and storage, guards and transportation.

Poll

Business Travel Security

View Results

Poll Archive

Products

Effective Security Management, 7th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

New vulnerabilities exposed as IT teams respond to the pandemic

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.

New vulnerabilities exposed as IT teams respond to the pandemic

Related Articles

Related Products

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.