The Threat Landscape Post-COVID-19 and How You Can Address It
The COVID-19 pandemic has changed not only our perspective on life and work, but also cybersecurity strategy worldwide. Nearly two years of pandemic conditions have prompted a shift to digitalization and extensive cloud migration, raising concerns about data security and integrity.
Even before the pandemic started, industry reports had estimated that the cybersecurity market would “grow at over 15% CAGR” by 2026. The high demand for cybersecurity is likely triggered by an increasing number of attacks targeting enterprise networks, which jeopardize data security and affect regulatory compliance. According to the report, other growth drivers include the interest in enterprise mobility, the extensive use of smartphones, and vulnerable IoT devices connected to corporate networks.
What Our Research Says
Based on our threat intelligence, we have witnessed an uptick in cybercrime since the pandemic started, specifically in phishing and ransomware attacks, likely driven by many people losing their jobs.
In Canada, for example, we investigated a number of illicit websites posing as the official CRA (Canada Revenue Agency) platform, reproduced down to the tiniest detail to trick people into revealing their information. Additionally, malicious actors used phishing techniques to gather CRA credentials, as well as credential stuffing attacks to target Canadians and the CRA.
Moving forward, we expect the increase in cybercrime during the pandemic to drive international demand for cybersecurity professionals, as well as higher budget allocations for tools and strategies.
Social Engineering Tactics Win
Our observations are confirmed by the Verizon Business 2021 Data Breach Investigations Report (2021 DBIR), which found that 36% of data breaches were caused by phishing. In these attacks, cloud-based email servers were a top target, whereas Business Email Compromise (BEC) was a top form of social engineering.
Credentials represent 85% of the data compromised in social engineering attacks and are later used in hacking, such as brute force attacks, and in malware activities. People falling victim to social engineering methods were responsible for the largest number of breaches in Education, Public Administration and Utilities. Another major threat that continues to rank among the top three threats is ransomware, claiming some 70% of attacks.
What Can You Do About It?
Most organizations are interested in investing in security solutions that prevent malicious programs from compromising their networks, forgetting that training their team members could be critical. Even though it may be unintentional, human error can still cause serious damage, resulting in data breaches and technical leaks. In over 90% of cases, human error is responsible for a data breach or a ransomware attack on your organization.
For example, your development team is probably using multiple management platforms and cloud-based tools, even open source technology. In the course of that work, source code, API keys or other technical elements could unintentionally be leaked on GitHub or other online sources, which, in turn, may enable malicious actors to gain unauthorized access to your corporate network.
Human error is a risk you will have to actively consider and plan for, but do not forget about insider threats. The difference between the two is that human error is an unintentional mistake, whereas an insider threat is malicious: a current or former team member, or even a business partner, leaks inside information about your organization with clear malicious intent.
When you are working on a security budget or a contingency plan, focus on both external and internal threats. There is no doubt that it can be challenging to keep up with all technology updates, let alone with the constantly evolving threat landscape.