The COVID-19 pandemic has strongly impacted the threat landscape. According to Security Magazine, global losses from cybercrime exceeded $1 trillion in 2020. As users become increasingly connected, hackers continue to develop more sophisticated cyber attacks.
Cloud-based vulnerabilities
Cloud computing has seen tremendous growth over the last few years. However, the recent growth of the cloud has led many cybercriminals to seek out ways to breach these storage systems. Cloud systems were originally introduced as a safer alternative to storing files and important data. While the cloud is still a safe option when properly protected, hackers are utilizing new methods to accomplish system compromise. One of the largest cloud-based attacks in recent memory occurred when hackers attacked a cloud service provider with ransomware and stole payment information from millions of users across the world. To avoid cloud computing attacks, users should be mindful of good security practices when navigating through the cloud. End-user actions play a major role in valuable data falling into the wrong hands.
DDoS Attacks
Since the start of the pandemic, DDoS attacks have cost organizations as much as $100,000 on average. Cybercriminals are utilizing botnets to coordinate DDoS attacks at an alarming rate. While increasing network traffic has been the primary method of performing DDoS attacks, hackers are now utilizing artificial intelligence (AI) to coordinate attacks. Manipulated AI is a very dangerous threat to organizations. However, when AI is not compromised, it can be the tool needed to stop these attacks. AI is extremely intuitive and can identify weak points in a network that may put important data at risk.
Ransomware
Many of the largest companies in the world have fallen victim to ransomware. This attack involves hackers encrypting data and holding it hostage until the organization pays the desired sum of money. While ransomware isn’t new to the threat landscape, the consequences of these attacks continue to grow in severity. Recently, hackers compromised COVID-19 research data from the University of California and demanded $1.14 million. A hospital in Germany was also attacked with ransomware in which patient care systems were shut down, leading to the death of a patient.
Social Engineering
Social Engineering attacks are still the primary method in which cybercriminals steal valuable data. The number of phishing and spear phishing attacks has skyrocketed since the start of the pandemic. Many employees that have started working from home are not accustomed to spending as much time on the computer to accomplish work. This has led to more attacks, putting more money in the hands of cybercriminals. Zero Standing Privileges is a social engineering prevention method that is quickly growing in popularity with organizations across the US. This tactic ensures that users are only granted access privileges for a specific task for a limited amount of time. Zero Standing Privileges can’t prevent users from falling victim to social engineering attacks, however, it can keep cybercriminals away from sensitive data even after an attack.
Summary:
The COVID-19 pandemic has strongly impacted the threat landscape. According to Security Magazine, global losses from cybercrime exceeded $1 trillion in 2020. It’s extremely important for users to understand the latest hacker schemes and system vulnerabilities. Recently, new cybersecurity threats have occurred through cloud-based vulnerabilities, DDoS attacks, ransomware, and social engineering.
For assistance in evaluating your strategies, technical requirements, staff evaluations and communications contact a ThreatAdvice Professional to learn more.