The coronavirus (COVID-19) outbreak has caused an increase in both the likelihood and impact of cyber attacks, as organisations react rapidly to potentially significant operational and financial challenges. The nature of the threat is also changing, with attackers exploiting uncertainty and unprecedented situations.
We expect that many initial organisational responses to COVID-19 will have a net-negative impact on the cyber security posture of the business. This will be both as a result of existing risks being left unaddressed as security expenditure is cut and IT changes are frozen, and as we see new risks emerging.
In our new whitepaper below, we give an in-depth look at how COVID-19 has created new opportunities for cyber threat actors and the steps that organisations should take to mitigate these risks. This blog gives a top-level summary of our recommendations.
Threat actors are already exploiting the uncertainty and extraordinary response caused by the COVID-19 pandemic.
The criminal threat actor behind Emotet, which provides malware delivery services to sophisticated criminal actors including TrickBot, Ryuk and Dridex, began using COVID-19 phishing lures in January 2020, while the crisis was still in its early stages.
Other actors have since followed suit, with hundreds of new COVID-19 themed phishing lures being created each day. We have identified criminal and state-sponsored campaigns exploiting COVID-19 and anticipate they will also use VPN and video conferencing software lures to take advantage of users unfamiliar with remote working.