It’s obvious every industry and business around the globe has been directly impacted by the COVID-19 pandemic in some way shape or form. However, many organizations are facing a stark reality, coupled with the need to address new vulnerabilities and mounting security gaps. CSO has published the latest cybersecurity numbers, and the results are pretty staggering:
- Every minute, $17,700 is lost due to social engineering attacks.
- 60% of data breaches occur when a security patch was available, but not applied.
- Attacks on IoT devices tripled this last year alone.
- 94% of malware is delivered to your employees via email.
- Data breaches cost enterprise organizations an average of $3.92 million each year.
Today’s threatscape is murky; with the COVID-19 virus forcing many companies to go remote, new vulnerabilities, from social engineering to personal device hacks, give IT leadership some entirely new worries to endure.
Let’s look at some of the cyber incidents that we’ve seen thus far in 2020. What can we learn and how can we improve our response?
2020 CYBERSECURITY INCIDENTS
The Common Vulnerabilities and Exploits (CVE) database lists over 11,000 cybersecurity vulnerabilities in commonly used hardware and software products. While high volumes of data breaches occur because IT teams fail to upgrade security patches, many of the vulnerabilities highlighted in the CVE database still lack the necessary security upgrades to mitigate these risks.
Not surprisingly, the first half of 2020 launched with several security incidents already on the books, including:
- The FBI reported nation-state hackers leveraged a CVE-2019-064 vulnerability in Microsoft SharePoint servers and took advantage of a missing website patch to breach two U.S. municipalities. These local governments suffered the theft of Active Directory databases and administrative credentials.
- Mitsubishi suffered a massive attack in January that leaked emails between Japan’s Defense Ministry and Nuclear Regulation Authority, as well as other infrastructure clients including utilities and railways. Hackers also got their hands on personal data from more than 8,000 within the company. The Japan Times reported that a Chinese cyber terrorism group were the likely thieves. The same article also stated, “Japan lags behind other countries in addressing cyberattacks.”
- The U.S. Defense Information Systems Agency, that is the entity responsible for secure White House communications, was hacked. CNBC stated Social Security numbers and personal data were accessed. The responsible party was not named at this time.
- Cyber terrorist organization APT41 targeted more than 75 organizations around the globe during the thick of COVID-19. CPO Magazine reports, “The team of Chinese hackers is among the most skilled and prolific in the world.” The attack targeted vulnerabilities in Cisco and Citrix cloud services and routers, with a global outcome that is still being determined.
- Iranian government-sponsored hackers attempted to break into the personal email accounts of World Health Organization (WHO) staff. Reuters stated, “Hacking attempts against the United Nations health agency and its partners had more than doubled since the beginning of the coronavirus crisis.”
In short, cyber criminals are showing no mercy during the global pandemic. Info Security Magazine reports online cyber threats have increased by six times in the last month. The magazine reported phishing attempts have skyrocketed by more than 600% since the end of February. IT teams are now operating in full-on crisis mode to mitigate these risks. To put fuel on the fire, most companies continue their stay at home order, so tech networks must mitigate the added insecurity of personal devices. However, it’s still not too late to be proactive and consult a third-party expert who can help to maintain a healthy security posture - even within a remote organization that has it’s employees work from home.