COVID-19 sees ransomware and mobile vulnerabilities soar
The ongoing COVID-19 pandemic is prompting fundamental change in the ways that we live and work. As more people do their jobs from home, the lines between corporate and personal networks are beginning to blur.
According to its findings, the global cybersecurity landscape is being dominated by the chaos surrounding the COVID-19 pandemic.
"With the majority of the workforce now working remotely, the network perimeter has significantly widened – securing this perimeter now needs to be a top strategic priority. Organisations need to be able to identify the flaws that sit within both personal and professional devices. They also need to be able to model their expanded network so that they can understand all potential attack vectors. If they do not have these capabilities, then they will not be able to manage the mass of 20,000 new vulnerabilities, leaving them vulnerable to attack; something that they cannot afford at a time of global financial uncertainty."
The report discovered a 50% increase in mobile vulnerabilities, due to the blurring of lines between personal and enterprise devices. As more and more people work remotely on personal computers and smartphones, the avenues of attack for malicious parties have multiplied.
According to SkyBox, the increase is being driven by new Android deficiencies (which increased by 110% from 230% last year to 484% this year), after the number of new iOS vulnerabilities dropped by 23% over the same period. The report notes that, “in previous years such an increase may not have concerned security leaders, but after COVID-19 pandemic blurred the line between corporate and domestic spaces it underlines the importance of securing all possible access points.”
Ransomware is also thriving, with new samples increasing by 72% in the first half of 2020 alone.
“The focus and the capability of attackers is clear: they have the means to impart serious financial and reputational harm on organisations. The need for focused remediation strategies that are informed by full network visibility and contextual, data-rich intelligence has never been more pressing."