The increased attack surfaces resulting from pandemic work-from-home regimes are crying out for pre-emptive ramping up of cybersecurity vigilance.
The current worldwide corporate exodus to remote-working is generating a raft of new challenges for security professionals.
A recent survey by cybersecurity firm Check Point Software Technologies examining the pandemic situation’s impact on enterprise security has uncovered the following trends:
- Coronavirus-related attacks ramp up
71% of security professionals reported an increase in security threats or attacks since the beginning of the coronavirus outbreak. The leading threat cited was phishing attempts (cited by 55% or respondents), followed by malicious websites claiming to offer information or advice about the pandemic (32%), followed by increases in malware (28%) and ransomware (19%). - Challenges of managing remote working increase
95% of respondents said they were facing added IT security challenges due to the spread of the coronavirus. The three leading challenges were provision of secure remote access for employees (cited by 56%), the need for remote access scalable solutions (55%) and employees working from home were using shadow IT solutions—untested software, tools and services (47%). - Security concerns over the coming months
61% of respondents were concerned about the security risks of having to make rapid changes to enable remote working, and 55% felt that remote access security needed improving. 49% were concerned about the need to scale-up endpoint security.
Said Rafi Kretchmer of Check Point: “Cybercriminals will always seek to capitalize on the latest trends to try and boost the success rates of attacks, and the Coronavirus pandemic has created a perfect storm of a global news event together with dramatic changes in working practices and the technologies used by organizations. This has meant a significant increase in the attack surface of many organizations, which is compromising their security postures.”
To ensure security and business continuity in this rapidly-evolving situation, Kretchmer said organizations need to protect themselves with a holistic, end-to-end security architecture. This means ensuring accessible and reliable connections between corporate networks and remote devices 24/7, promoting collaboration and productivity between teams, networks and offices, and deploying robust protection against advanced threats and cybercrime techniques at all points on the enterprise network fabric.
The survey of 411 respondents from organizations of 500+ employees globally results reinforce recent findings that coronavirus-related domains are 50% more likely to be malicious than other domains registered since January 2020.
The average number of new domains registered in the three weeks from the end of February was almost 10 times more than the average number found in previous weeks. Researchers have uncovered several ‘Coronavirus specials’ advertised by hackers on the dark web, with ‘Covid-19’ or ‘coronavirus’ being used as discount codes for sales of out-of-the-box malware.