The pandemic has forced organizations to gear up to fight the new threat landscape post-COVID-19.
The coronavirus pandemic has surfaced new gaps in companies’ cybersecurity measures. According to the latest report from Tenable, close to half of organizations have experienced, since April 2020, at least one cyber-attack related to COVID-19 that had a direct impact on the business.
The current crisis has further intensified the pre-existing cyber threats ranging from incident response to lateral movement and destructive attacks. This has made it difficult for security teams to keep up.
VMware Carbon Black’s semi-annual Global Incident Response Report, based on an online survey in April 2020 of forty-nine Incident Response (IR) professionals globally, found that 53% of IR professionals faced a spike in cyber-attacks related to VPN vulnerabilities, staff shortages, and managing endpoint security challenges during COVID-19.
The vulnerability of VPNs has been increasing, which is a major concern as the average update cycle for software patches tends to occur on a weekly basis. These updates are not enough to protect information owing to the explosion of both traditional and fileless malware.
Increasing geopolitical tensions, especially due to the upcoming 2020 US presidential election, are creating a globally stressful situation. These tensions will lead to a rise in destructive attacks, in addition to other emerging attacks.
As per the report, 42% of IR professionals agree that cloud jacking will most likely become more common in the next 12 months. In addition, security leaders need to be ready to take on the rising incidents related to mobile rootkits and Bluetooth Low Energy attacks in the next year.
These incidents, coupled with a spike in counter IR, destructive attacks, lateral movement, and island hopping, result in a vast threat landscape. Organizations can combat these threat actors with the right tools, partnerships, a talented workforce, and smart strategies.
Businesses are witnessing a gradual uptick in the markets after the COVID-19 restrictions and lockdown rules. They are expected to intensify their security measures against new vulnerabilities that can be related to a limited workforce, endpoint technology integration, and aligning IT and security teams.
To combat the new wave of threat incidents, companies need to take the following steps:
- Employees working remotely need to follow digital distancing practices by having two routers to segment traffic from work and personal home devices.
- It is essential to allow real-time updates, policy reformation, and configuration changes across the network. Companies may need to roll out updates to VPNs along with fixing configurations across remote endpoints and other security updates.
- Open communication with security teams about possible new risks and threats related to spear phishing, smart device jacking, file-sharing applications, and similar security resources is necessary.
- A stronger partnership should be initiated between IT and security teams, especially considering the current uncertain times.
- Work towards getting better visibility into system endpoints. As more cybercriminals are targeting networks for a longer period, it is necessary to keep close tabs on vulnerable endpoints.
Even before the coronavirus pandemic, hackers were exploiting vulnerable situations in the core network. It is essential for enterprises to refocus their security strategy to protect against an evolving threat landscape as they move towards the new “normal”.