We all know this pandemic has affected the cyber industry in ways we never could have foreseen. According to VMWare Carbon Black, the attacks on banks and another financial organizations were up 38% between February and March and accounted for 52% of the threat traffic on their cloud.
The concerns around the pandemic aren’t just limited to what is going on currently – it’s also about what happens after. As part of ISMG’s virtual Financial Cybersecurity Summit, our CEO spoke about this and we have included some of the top takeaways from his presentation below.
Even before COVID-19 the balance between attackers and defenders was broken
This isn’t just about the lack of cybersecurity talent – this is about the level of sophistication surrounding these attacks. The darknet has become a playground for attacks for hire. Take Ransomware-as-a-Service for example: it requires little more than bitcoin and access to the darknet to orchestrate a full scale ransomware attack. Even worse, NSA-level tools that have been leaked – the cyber equivalent of a nuclear submarine – can be purchased for the likes of $300.
Any and everyone is a target for a nation-state attack
There was a time when only nation-states were concerned about this level of attack, but that has changed. Some of the largest scale attacks in recent years have been funded, technically supported, and even commanded by nation-states. This is a huge threat to the private sector as most organizations do not have the resources available to defend against this level of attack – which leaves the private sector vulnerable.
Instead of being united against this crisis, it has heightened geopolitical tensions
COVID-19 has increased cyber tensions among the nations. Conspiracy claims and blame are coming from all sides. Anti-nation rhetoric has been plastered all over social media (propagated by bots) to cause civil unrest. All of these things combined create distractions to heighten the threat of a major cyber attack.
Additional players are hitting the arena
Even unlikely organizations, such as the mafia, are being affected by the current crisis. They have losses of revenue and are looking for alternative income sources. Cyber crime is a high profit option. This is another reason why organizations are a high target for cyber attacks.
CISOs also have internal pressures – and this is only going to get worse after the pandemic is over
With the mass workforce being forced to work from home in a rapid timeline, budgets got eaten up on projects that were unforeseen. Projects were done in a fraction of the time they would have normally, which leaves them open to vulnerabilities associated to the human element. Budgets are getting slashed across the board, people are going on furlough or being let go – and this includes the security team.
Prioritization is more important than it ever has been
Trying to secure everything will end up securing nothing. Security professionals have to weigh priorities based on what an attacker would be looking for the most. Understanding the attacker’s motivations, especially a nation-state attacker, is critical to staying safe at this time.
You can see the entire presentation of Ran’s here. We hope everyone stays safe and healthy during this time, both on and offline.
Be sure to check out our other articles around COVID-19:
Cyber Geopolitics and COVID-19: What Could Come Next?
From the Front Lines: Cyber Community Insights
The Cyber Doc is In: Working from Home Amidst the Coronavirus