As a result of the COVID-19 pandemic, several organisations have changed their business and operations to make it easier for employees to work from home. However, in this new paradigm, organisations all around the world face a myriad of security issues. PurpleSec reports a 600% increase in cybercrime since the beginning of the COVID-19 epidemic, and that’s alarming! Cyberattacks are increasing. Cybercriminals and hackers use advanced and sophisticated technology to undermine the security of corporate data and software.
What are the most well-known forms of cyber-attacks?
The sudden, unplanned, forced work-from-home situation resulting from long periods of lockdown is among the main causes of the increasing number of cyberattacks. In the past 12 months, numerous companies that were not sufficiently prepared to face cyber-attacks have had to bear the cost, both financially and in damage to their reputation. What are the most prevalent cyber-crimes cybersecurity teams must be ready for?
Ransomware attacks
In March last year, ransomware attacks monitored by VMware Carbon Black jumped 148% compared to the month prior. The numbers are rising each day. According to Palo Alto Networks’ threat intelligence team, the average ransom in these attacks was $570,000 in the first quarter of 2021, an increase of 82% from the year before.
Phishing attacks
Cybercriminals are using COVID-19 themes to launch phishing attacks. According to KnowBe4, there was a 600% increase in pandemic-related phishing attacks in the first quarter of 2020. Many users who entered their personal passwords and credentials on malicious websites that appeared authentic fell for these attacks. Many also fell victim to cybercrime because of clickbait ads that asked users to check their emails for suspicious login alerts and password resets.
Cryptojacking
The increasing popularity of crypto has resulted in an increase in cryptojacking, where cybercriminals mine cryptocurrency by illegally accessing computers and servers. According to a Kaspersky report, at the beginning of the year the devices of 432,171 users were being used illegally for mining. There was a fourfold increase in the number of code modifications to crypto-mining malware over that period.
IoT attacks
The remote working environment is perfect for hackers planning attacks that target Internet of Things (IoT) devices. A study conducted by Zscaler revealed a 700% increase in IoT cyberattacks during the outbreak. According to a Juniper Research report, there will be 46 billion connected devices by 2021. Given the increasing number of devices at users’ disposal, IoT attacks aren’t surprising.
Each of these attacks has the potential to cause a data breach or the loss of data. There is enough awareness of cybercrime, and there are numerous products available that boast an 85% success rate in stopping such attacks. In this situation, what’s stopping organisations from taking precautions to protect themselves?
Why aren’t organisations able to defend themselves against cyberattacks?
While chief information security officers (CISOs) and IT security professionals are aware of the cybersecurity threats their organisations are susceptible to, as well as potential solutions for preventing cyber-attacks, many unanswered questions remain about combating and tackling those threats.
What are the best technologies for my business?
A majority of organisations invest in at least 20 technologies and tools to meet their cybersecurity needs. There are a myriad of security tools; however, businesses aren’t sure whether they have invested in the correct technology or which tools will tackle their security concerns. Some companies have more than 50 different security tools protecting their IT infrastructure, and a variety of vendors supporting them.
The reality is that enterprise infrastructure is more susceptible to ransomware and malware attacks. There is a rise in complexity and a less secure architecture, which results in rising costs and operational expenses.
There are too many alerts. What should I pay attention to?
The many different security tools and technologies generate thousands of notifications. In general, organisations receive more than 10,000 alerts per day, with the majority of them processed manually. Today, organisations aren’t able to collect, handle, and respond to these alerts in time. This is a problem that neither security personnel nor the tools they’ve implemented have been able to address. Can the tools help?
Companies should be able to use technology to translate millions of security alerts into a few useful insights. IT security tools should not just detect issues, but also help contextualise, prioritise and address them with only a little human intervention. What happens when these technologies are in use?
Do my security and IT teams possess the appropriate quantity and quality of knowledge?
A company is only as secure as its human cyber agents. Cybersecurity will always depend on the people at its core. But the availability of cybersecurity experts has been a constant challenge. As the threat landscape grows more complex, the teams’ skills also need to grow.
Companies should invest in security training for all employees as well as special training for their cybersecurity teams. Alongside ensuring that the appropriate tools are available, decision makers should provide sufficient funds for security education and support the upskilling of their cybersecurity teams.
How do I ensure that my cybersecurity team is able to cover all devices and networks?
There are too many devices and massive amounts of data. However, cybersecurity experts have only a small amount of time and resources available to monitor, handle and respond to every alert and threat. If companies could efficiently monitor all traffic and devices, detect any anomalies and address any threat, they’d be completely safe. But the effort, time, and manpower required to accomplish this would be prohibitive, and this poses a major challenge to organisations.
Solution:
A better and more efficient way of handling the diverse devices. Enterprises need to know how these devices operate: the type and function of the data stored on them, the various levels of access they require, and so on. They must therefore refocus their cybersecurity efforts and find the right compromise between security and cost. This is the main issue that businesses are struggling with and must solve.