Just under half of businesses have experienced at least one “business impacting cyber-attack” related to COVID-19 as of April 2020.
According to research of 416 security and 425 business executives by Forrester Consulting and Tenable, 41% of respondents reported the statistic related to COVID-19, whilst 94% of executives say their firms have experienced a business-impacting cyber-attack or compromise within the past 12 months. “That is, one resulting in a loss of customer, employee or other confidential data; interruption of day-to-day operations; ransomware payout; financial loss or theft and/or theft of intellectual property,” the research said.
Also, 78% of respondents said they expect an increase in cyber-attacks over the next two years while 47% reported experiencing five or more attacks. In an email to Infosecurity, Bryan Becker, product manager at WhiteHat Security, said: “There is no reason to expect this trend to ever reverse, so we are only likely to see more and more attacks in the future.
“Businesses can and should be investing in application security teams, as well as regular training for all members of the organization. CEOs and executive teams absolutely should be viewing at least quarterly briefs from the security team to understand the outcome of their investment, as well as the current state of affairs.”
On the impact of the COVID-19-related attacks, Tom Pendergast, chief learning officer at MediaPro, said while COVID-19 may have changed the subject and scale of attacks, “the target of most of those attacks hasn’t changed.
“They’re going after employees, who in this time of anxiety and uncertainty are more vulnerable than ever,” he said. “Preparing your employees to defend themselves and the company means teaching them to be highly skeptical and resistant to attempts to obtain information and access. Take, for example, the recent Twitter hack, perpetrated by a criminal who knew enough about an employee to break down their defenses.”
Rod Holmes, director and vCISO at the Crypsis Group, said threat actors always look to capitalize on emotion, disaster and chaos, and individuals, corporate IT systems and ICS systems (OT systems) have all been targeted. In particular, the research found that 65% of attacks involved operational technology assets, and 63% of security leaders admit it’s likely their systems suffered an unknown compromise over the past year.
Holmes said: “Organizations that have that special privilege of protecting our nation's critical infrastructure have an especially important role to play in security as nation states look for opportunities to infiltrate critical systems. Nation state actors are very opportunistic, persistent and patient — they will look for opportunities to strike when organizations are resource-strained and focused on maintaining operations during times of change or difficulty.
“COVID has presented nation states the opportunity to fly under the radar and capitalize on chaotic environments where IT personnel are consumed with increasing remote access capacity — even industrial organizations have had significant office personnel working remotely during the crisis. This is especially an issue with organizations that have ICS infrastructure intermingled with IT infrastructure and that do not have each environment separated as recommended by NIST standards.”