COVID-19 sees ransomware and mobile vulnerabilities soar
The ongoing COVID-19 pandemic is prompting fundamental change in the ways that we live and work. As more people do their jobs from home, the lines between corporate and personal networks are beginning to blur.
According to new data from cybersecurity management firm SkyBox Security, this is elevating cyber threat to both the individual and the enterprise in an unprecedented way.
SkyBox released its new figures on Tuesday as a mid-year update to its 2020 Vulnerability and Threat Trends Report. The report analyses the vulnerabilities, exploits and threats that have faced enterprises over the first half of the year.
According to its findings, the global cybersecurity landscape is being dominated by the chaos surrounding the COVID-19 pandemic.
"The global COVID-19 pandemic has completely reshaped the way that organisations and their employees work," said Ron Davidson, VP of R&D and CTO for Skybox Security in a press release.
"With the majority of the workforce now working remotely, the network perimeter has significantly widened – securing this perimeter now needs to be a top strategic priority. Organisations need to be able to identify the flaws that sit within both personal and professional devices. They also need to be able to model their expanded network so that they can understand all potential attack vectors. If they do not have these capabilities, then they will not be able to manage the mass of 20,000 new vulnerabilities, leaving them vulnerable to attack; something that they cannot afford at a time of global financial uncertainty."
The report discovered a 50% increase in mobile vulnerabilities, due to the blurring of lines between personal and enterprise devices. As more and more people work remotely on personal computers and smartphones, the avenues of attack for malicious parties have multiplied.
According to SkyBox, the increase is being driven by new Android deficiencies (which increased by 110% from 230% last year to 484% this year), after the number of new iOS vulnerabilities dropped by 23% over the same period. The report notes that, “in previous years such an increase may not have concerned security leaders, but after COVID-19 pandemic blurred the line between corporate and domestic spaces it underlines the importance of securing all possible access points.”
Ransomware is also thriving, with new samples increasing by 72% in the first half of 2020 alone.
"We observed 77 ransomware campaigns during the first few months of the pandemic – including several on mission-critical research labs and healthcare companies,” commented Sivan Nir, Threat Intelligence Team Leader for Skybox Security.
“The focus and the capability of attackers is clear: they have the means to impart serious financial and reputational harm on organisations. The need for focused remediation strategies that are informed by full network visibility and contextual, data-rich intelligence has never been more pressing."