The finance industry has been the most heavy casualty in these nervous times of lockdowns and work-from-home mandates.

Between February 4 and April 7, 2020, there has been an estimated 70% increase in remote work across the globe. On 23 Feb, when it was announced that more than 2,400 people have died globally from COVID-19 related illnesses, there was a 54% spike in ransomware attacks over baseline levels.

These are some of the findings from an analysis of data from the VMware Carbon Black Cloud.

Their threat analysis unit has found that attackers have been capitalizing on the pandemic to launch sophisticated attacks across various industries, particularly the financial sector.

Here are some key findings of this research: 

  • February 2020 ransomware attacks increased by 148% over baseline levels
  • Notable spikes in attacks can also be correlated to key days in the COVID-19 news cycle, suggesting attackers are being nefariously opportunistic and leverage breaking news to take advantage of vulnerable populations:
    • February 29, 2020—66% spike in attacks over baseline levels on the day multiple US states declared public health emergencies
    • March 2, 2020—49% spike in attacks over baseline levels as Italy COVID-19 cases surpassed 2,000
    • March 11, 2020—22% spike in attacks over baseline levels as WHO declared COVID-19 a pandemic
  • Between February and March, there was an increase in cyberattacks against financial institutions (38%) during the COVID-19 surge.
    • Financial-related attacks accounted for 52% of all attacks seen across the data set
    • The financial sector has overtaken retail as most targeted in March, as retail organizations shifted to remote business models during the month

As the COVID-19 battle continues globally, it is clear attackers will continue to target vulnerable populations and organizations. Increased vigilance and visibility into enterprise-wide endpoint activity are more paramount than ever.

The report recommends that security teams must be able to predict and prevent not only known attacks, but future and unknown ones too. Innovative processes like big data analytics take advantage of all available data—unfiltered endpoint data, event streams, attackers’ tactics and techniques, global threat intelligence, and more—to provide the most comprehensive protection possible.

With the power of big data analytics, security teams can uncover the most disruptive and damaging hidden tactics, identify root causes, and stop malicious threats before they are fully developed.