covid-19 Archives - Cyber Secure Forum | Forum Events Ltd
Posts Tagged :

covid-19

COVID IT: 27,887 cyber attacks took place throughout the pandemic 

 960 640 Stuart O'Brien
By:
0
0

COVID-19 had a big impact on the number of susceptibilities being exposed by cyber actors, to the tune of nearly 28,000 attacks across the duration of the pandemic.

Cyphere has analysed the statistics, comparing the figures to pre-pandemic years to highlight the effect COVID has had on cybersecurity.

A rise in digital transformation as a result of the pandemic led to companies purchasing new tech assets to support their staff working remotely.

These new technologies led to cybersecurity oversights that could have resulted in an increase in security exposures such as a lack of security validations before introducing the product to employees.

They analysed the number of vulnerabilities by year, to visualise the rise in exposures before and throughout the pandemic.

  • 2018 – 16,509 vulnerabilities

  • 2019 – 17,307 vulnerabilities

  • 2020 – 18,351 vulnerabilities

  • 2021 – 20,157 vulnerabilities

As seen above, the number of security exposures has steadily increased over the past four years. Until 2017, the figure had never reached 10,000 but less than five years later had doubled to over 20,000 security bypasses.

It signifies a huge shift in cyber protection, with the rise in cyber risks putting users and businesses at risk of data hacks.

They also examined the severity of the susceptibilities, they did this by using the CVSS (Common Vulnerability Scoring System) to determine whether the exposures were low, medium or high risks.

2021 saw the highest total number of exposures, with 20,157 across those twelve months. The severity of these exposures can be seen below:

  • High risk: 4071 vulnerabilities

  • Medium risk: 12,903 vulnerabilities

  • Low risk: 3183 vulnerabilities

In comparison to 2021’s susceptibilities, 2020 registered a larger number of high-risk exposures with 4,379, 308 more despite having fewer total susceptibilities.

Cyphere says analysing the most common types of susceptibilities can be extremely useful in forming a response to the wave of cyber attacks, it can allow cybersecurity professionals to build a defence to counteract the breach.

Each security exposure is defined using the CWE (Common Weakness Enumeration), which is used to categorise the weakness, it serves as a baseline for exposure identification.

Frustratingly, throughout the pandemic, the highest number of vulnerability types were ‘NVD-CWE-noinfo’ meaning the security bypass was undefined.

The problem with undefined exposures is that the lack of information makes it difficult to put actions in place to avoid this reoccurring. There were over 3,000 undefined susceptibilities in 2020 alone.

The number of exposures that were undefined grew between 2019 and 2020, it accounted for 13.49% of susceptibilities in 2019 and 19.35% in 2020.

When analysing the statistics from the pandemic, examining month-specific data can allow for more context in understanding the effect of Covid on cybersecurity.

The month-specific data revealed April 2020 was the worst month in terms of the number of cyber attacks. Across April, there were a total of 2209 attacks with 939 high-risk attacks and 302 critical risks. The lowest amount was the following month, May 2020 recorded 1058 attacks.

In 2021, April and June saw the highest number of vulnerabilities, April saw 1927 exposures whilst June recorded 1965 attacks. Between March 2020 and July 2021 there were a total of 27,887 vulnerabilities

Lastly, they analysed the products being targeted by cyber actors, worryingly they found that a number of Microsoft products were the primary target. Products such as Microsoft Exchange Servers and Microsoft MSHTML were being bypassed to gain access to personal details.

Harman Singh from Cyphere said: “This analysis of the NIST NVD entries during the pandemic presents a number of useful indicators for security and infrastructure teams. Digital and advanced transformations before and during the pandemic forces businesses to adopt digital solutions, at times bypassing standard approvals and change procedures. This is one of the added factors to the rise in cyber attacks.

“Although there has been increase in total vulnerabilities year on year basis, there are two ways to look at it – good news and bad news. There has been a decrease in critical risk vulnerabilities in 2021 compared to peak Covid months in 2020. Bad news is it’s not just the numbers we need to look at, but looking at the impacted services is a worrying factor. It includes email, internal and external services of a corporate network including remote connectivity solutions such as VPN, security gateways.

“This is why organisations should look into vulnerabilities more than just a CVE. These factors include exploitation in the wild, data sensitvity levels related to the affected service and potential impact. Keeping the practical context into mind helps security teams analyse large amount of vulnerabilities in an efficient manner. This reduces the noise that sometimes consists of just CVE scores but are practically complex attacks or have complex dependencies before an exploit takes place.

“It underscores the importance of regular assessments such as penetration testing, vulnerability scanning and management and incident response preparation. Organisations should adhere to strong basics with proactive approach towards security, utilising the industry expertise to stay on top of ever changing threat landscape.”

ICT investment up as R&D drops during pandemic

 960 640 Stuart O'Brien
By:
0
0

45% of UK firms have decreased their research and development initiatives during the covid-19 pandemic, with even 18% of firms halting theirs altogether, according to new research from Durham University Business School.

However, 40% of firms have invested in their ICT, likely to be the result of firms having to facilitate working from home and remote engagement with customers, say the researchers.

Conducted by Richard Harris and John Moffat, Professors of Economics at Durham University Business School, the study seeks to understand the impact of the pandemic on UK firms’ research and development plans and whether or not companies had refocused their efforts in terms of investments.

The researchers interviewed over 4500 UK companies during the period between October and November 2020. Questions were centred around the firm size, industry, history of operations, before taking a more specific look at the companies’ previous research and development investment initiatives.

The results of the study suggest that the COVID-19 pandemic will have long-lasting negative effects on productivity and growth for firms, whilst increased ICT investment reflects the necessity for firms to become more digital.

Professor Richard Harris said: “The COVID-19 pandemic has had profound effects on the world economy, and in the UK specifically Bank of England figures suggest that it has led to the largest fall in GDP since 1709. While the short-run effects of the early stages of the pandemic are now well understood, less is known about its implications for growth in the medium to long-term.

“Our research findings clearly show that research and development spending dropped drastically during the covid-19 pandemic, which likely will have a negative impact on productivity and growth in the medium to longer term.”

The research reveals that the fall in intangibles investment is distributed unevenly across firms, with industry playing a major role in predicting the change in investment and internationally-oriented firms experiencing smaller declines in the early stages of the pandemic.

These research findings showcase the huge impact that covid-19 pandemic has had not only in the short-term, but in the long-term too for UK firms, with it likely that firms will have challenges related to productivity and growth in years to come due to the lack of R&D over the last year and a half.

Cybersecurity is not a one-stop-shop

 960 640 Guest Post
By:
0
3

By Steve Law, CTO, Giacom and Kelvin Murray, Threat Researcher, Webroot

Boris Johnson announced the Government’s roadmap to lift Coronavirus restrictions for both businesses and the general public earlier in February, and since then, this has provided a glimmer of hope for many across the country. However, since the start of the pandemic, the way business is conducted has changed permanently, with many workforces wanting to continue to work remotely as lockdowns and restrictions ease over time.

So, as companies relax and rules are eased, life is expected to return to a form of ‘new normal.’ But, the issues around cybersecurity are here to stay, and the gas pedal must not be eased – especially with the increased risks associated with continued remote working. 

If anything, security should be more reinforced now than ever before to ensure all aspects of a business are secure. But this isn’t the case. Steve Law, CTO, Giacom and Kelvin Murray, Threat Researcher, Webroot, detail the importance of embedding a trilogy security approach into organisations, and this is where a strong CSP/MSP relationship can be invaluable. 

The Risk Grows

Despite lockdown restrictions easing, cybersecurity risks remain and are likely to grow as COVID-19 changes the working landscape. As indoor spaces begin to open in the next few months, employees will want to venture out to new spaces to work, such as coffee shops and internet cafes – but working on open networks and personal devices creates unlocked gateways for cyberattacks to take place. Since this hybrid and remote way of working looks like it’s here to stay, businesses must ensure they have the right infrastructure in place to combat any cyber threats. 

For instance, research by the National Cyber Security Centre shows that there has been a rise in COVID-19 related cyber attacks over the past year, with more than one in four UK hacks being related to the pandemic. This trend is not likely to ease up any time soon either. And, going forward, hackers could take advantage of excited travellers waiting to book their next holiday once the travel ban is lifted, deploying fake travel websites, for example. 

Aside from the bad actors in this wider scenario, part of the problem here is that many IT teams are not making use of a holistic and layered approach to security and data recovery; which can lead to damaging consequences as data is stolen from organisations. Such issues continue to resonate strongly across businesses of all sizes, who will, therefore, turn to their MSPs for a solution. 

The Importance of a Layered Approach 

Cybersecurity is not a one-stop-shop. A full trilogy of solutions is required to ensure maximum effect. This includes a layered combination of DNS networking, secure endpoint connections, and an educated and empowered human workforce. 

The need for DNS security cannot be ignored, especially with the rise of remote workforces, in order to monitor and manage internet access policies, as well as reduce malware. DNS is frequently targeted by

bad actors, and so DNS-layer protection is now increasingly regarded as an essential security control – providing an added layer of protection between a user and the internet by blocking malicious websites and filtering out unwanted material. 

Similarly, endpoint protection solutions prevent file-based malware, detect and block malicious internal and external activity, and respond to security alerts in real-time. Webroot® Business Endpoint Protection, for example, harnesses the power of cloud computing and real-time machine learning to monitor and adapt individual endpoint defences to the unique threats that users face.

However, these innovative tools and solutions cannot be implemented without educating users and embedding a cyber security-aware culture throughout the workforce. Humans are often the weakest link in cybersecurity, with 90% of data breaches occurring due to human error. So, by offering the right training and resources, businesses can help their employees increase their cyber resilience and position themselves strongly on the front line of defence. This combination is crucial to ensure the right digital solutions are in place – as well as increasing workforces’ understanding of the critical role they play in keeping the organisation safe. In turn, these security needs provide various monetisation opportunities for the channel as more businesses require the right blend of technology and education to enable employees to be secure.

The Channel’s Role 

Businesses, particularly SMBs, will look to MSPs to protect their businesses and help them achieve cyber resilience. This creates a unique and valuable opportunity for MSPs to guide customers through their cybersecurity journeys, providing them with the right tools and data protection solutions to get the most out of their employees’ home working environments in the most secure ways. Just as importantly, MSPs need to take responsibility for educating their own teams and clients. This includes delivering additional training modules around online safety through ongoing security awareness training, as well as endpoint protection and anything else that is required to enhance cyber resilience.

Moreover, cyber resilience solutions and packages can be custom-built and personalised to fit the needs of the customer, including endpoint protection, ongoing end-user training, threat intelligence, and backup and recovery. With the right tools in place to grow and automate various services – complemented by technical, organisational and personal support – channel partners will then have the keys to success to develop new revenue streams too.

Conclusion 

Hackers are more innovative than ever before, and in order to combat increasing threats, businesses need to stay one step ahead. Companies must continue to account for the new realities of remote work and distracted workforces, and they must reinforce to employees that cyber resilience isn’t just the job of IT teams – it’s a responsibility that everyone shares. By taking a multi-layered approach to cybersecurity, businesses can develop a holistic view of their defence strategy, accounting for the multitude of vectors by which modern malware and threats are delivered. Within this evolving cybersecurity landscape, it’s essential for SMBs to find an MSP partner that offers a varied portfolio of security offerings and training, as well as the knowledge and support, to keep their business data, workforces and network secure.

73% of IT execs concerned over remote working security risks

 960 640 Stuart O'Brien
By:
0
0

73% of security and IT executives are concerned about new vulnerabilities and risks introduced by the distributed workforce, highlighting an ‘alarming’ disconnect between confidence in security posture and increased cyberattacks during the global pandemic.

The data from Skybox Research Lab comes after enterprises rapidly shifted to make work from home possible and maintain business productivity. Forced to accelerate digital transformation initiative, this created the perfect storm, the research says.

Skybox Research Lab discovered that 2020 will be a record-breaking year for new vulnerabilities with a 34% increase year-over-year – a leading indicator for the growth of future attacks.

As a result, security teams now have more to protect than ever before. Surveying 295 global executives, the Skybox 2020 “Cybersecurity in the new normal” report found that organizations are overconfident in their security posture, and new strategies are needed to secure a long-term distributed workforce.

Key findings:

  • Deprioritized security tasks increase risk: Over 30% of security executives said software updates and BYOD policies were deprioritized. Further, 42% noted reporting was deprioritized since the onset of the pandemic.
  • Enterprises can’t keep up with the pace: 32% had difficulties validating if network and security configurations undermined security posture. 55% admitted that it was at least moderately difficult for them to validate network and security configurations did not increase risk.
  • Security teams are overconfident in security posture: Only 11% confirmed they could confidently maintain a holistic view of their organizations’ attack surfaces. Shockingly, 93% of security executives were still confident that changes were correctly validated.
  • The distributed workforce is here to stay: 70% of respondents projected that at least one-third of their employees will remain remote 18 months from now.

“Traditional detect-and-respond approaches are no longer enough. A radical new approach is needed – one that is rooted in the development of preventative and prescriptive vulnerability and threat management practices,” said Gidi Cohen, co-founder and CEO, Skybox Security. “To advance change, it is integral that everything, including data and talent, is working towards enriching the security program as a whole.”

To download the full report, visit: https://www.skyboxsecurity.com/security-transformation/

STUDY: Covid-19 technologies must be regulated to stop ‘big brother’ society

 960 640 Stuart O'Brien
By:
0
0

Technologies, such as track and trace apps, used to halt the spread of covid-19 have to be thoroughly examined and regulated before they are rolled out for wider adoption, to ensure they do not normalise a big-brother-like society post-covid-19.

That’s according to research conducted by Jeremy Aroles, Assistant Professor in Organisation Studies at Durham University Business School, alongside Aurélie Leclercq-Vandelannoitte, Professor of Management of Information Systems at IÉSEG School of Management, which draws from the concept of ‘societies of control’, developed by the French philosopher Giles Deleuze, in order to analyse the technologies currently being used to tackle the covid-19 pandemic.

Whilst the study acknowledges the public health benefits of these technologies, the researchers state we must be wary of what technology is rolled out by governments and critically cross-examine these.

Dr. Aroles said: “Presented as ways to curb the immediate progression of the pandemic and improve safety, the acceptance and use of these technologies has become the new “normal” for many of us, therefore it is important that these systems of control are heavily vetted and cross-examined before being rolled out to the wider public.”

The researchers suggest three solutions regarding the development and use of covid-19-related technologies.

First, the public should question the locus of collective responsibility. Increasingly complex systems of control and surveillance have been fuelled by our reliance on technology which, the researchers say, has blurred our understanding of the boundary between “good and bad” or “right and wrong”.

Second, more must be done to raise people’s awareness of how digital technologies work, and the risks of adopting them across society. People are often, rightly, concerned over their privacy and the sharing of their data. It is therefore crucial that these technologies are transparent and actively help individuals fully understand the ramifications of the control systems they’re opting in to.

Third, given that covid-19 tracking technologies are developed by companies for the benefit of governments, it is vital that greater regulation of the partnerships between state authorities and companies is adopted. Alongside this, it is also important that counter-powers such as journalists and the public hold these partnerships to account, to ensure they do not violate the privacy of citizens for financial gain.

The researchers state that it is important the covid-19 pandemic is not utilised as an opportunity to enforce a society of control and to normalise greater surveillance. They suggest that researchers or bodies specialising in the management of information systems should be brought in to supervise the developments of digitally enabled control systems, such as covid-19 apps, and not to abandon them to companies that could violate the privacy of citizens.

Securing a hybrid and agile workforce

 960 640 Guest Post
By:
0
0

2020 has forced businesses to revise many of their operations. One significant transition being the shift to a remote working model, for which many were unprepared in terms of equipment, infrastructure and security. As the Government now urges people to return to work, we’re already seeing a shift towards a hybrid workforce, with many employees splitting their time between the office and working from home.

As organisations are now reassessing their long-term office strategies, front and centre to that shift needs to be their IT security underpinned by a dependable and flexible cloud infrastructure. Andrea Babbs, UK General Manager, VIPRE, discusses what this new way of working means long-term for an organisation’s IT security infrastructure and how businesses can successfully move from remote working to a secure and agile workforce.

Power of the Cloud

In light of the uncertainty that has plagued most organisations, many are looking to options that can future-proof their business and enable as much continuity as possible in the event of another unforeseen event. The migration of physical servers to the Cloud is therefore a priority, not only to facilitate agile working, but to provide businesses with greater flexibility, scalability and more efficient resources. 

COVID-19 accelerated the shift towards Cloud-based services, with more data than ever before now being stored in the Cloud. For those organisations working on Cloud-based applications and drives, the challenges of the daily commute, relocations for jobs and not being able to ‘access the drive’ are in the past for many. Cloud services are moving with the user – every employee can benefit from the same level of security no matter where they are working or which device they are using. However, it’s important to ensure businesses are taking advantage of all the features included in their Cloud subscriptions, and that they’re configured securely for hybrid working. 

Layered security defence 

Cloud-powered email, web and network security will always underline IT security defences, but these are only the first line of defence. Additional layers of security are also required to help the user understand the threat landscape, both external and internal. Particularly when working remotely with limited access to IT support teams, employees must be ready to question, verify the authenticity and interrogate the risk level of potential phishing emails or malicious links. 

With increased pressure placed on users to perform their roles faster and achieve greater results than ever before, employees will do what it takes to power through and access the information they need in the easiest and quickest way possible. This is where the cloud has an essential role to play in making this happen, not just for convenience and agility but also to allow users to stay secure – enabling secure access to applications for all devices from any location and the detection and deletion of viruses – before they reach the network. 

Email remains the most-used communication tool, even more so when remote working, but it also remains the weakest link in IT security, with 91% of cybercrimes beginning with an email. By implementing innovative tools that prompt employees to double-check emails before they send them, it can help reduce the risk of sharing the wrong information with the wrong individual. 

Additional layers of defence such as email checking tools, are removing the barriers which slow the transition to agile working and are helping to secure our new hybrid workforce, regardless of the location they’re working in, or what their job entails. 

Educating the user

The risk an individual poses to an organisation can often be the main source of vulnerability in a company’s IT infrastructure. When remote working became essential overnight, businesses faced the challenges of malware spreading from personal devices, employees being distracted and exposing incorrect information and an increase in COVID-related cyber-attacks. 

For organisations wanting to evolve into a hybrid work environment, their IT security policies need to reflect the new reality. By re-educating employees about existing products and how to leverage any additional functionality to support their decision making, users can be updated on these cyber risks and understand their responsibilities.

Security awareness training programmes teach users to be alert and more security conscious as part of the overall IT security strategy. In order to fully mitigate IT security risks and for the business to benefit from an educated workforce, both in the short and long term, employees need to change their outdated mindset. 

Changing approach

The evolution of IT and security over the past 20 years means that working from home is now easily achievable with cloud-based setups, whereas in the not too distant past, it would have been impossible. But the key to a successful and safe agile workforce is to shift the approach of a full reliance on IT, to a mindset where everyone is alert, responsible, empowered and educated with regular training, backed up by tools that reinforce a ‘security first’ approach. 

IT departments cannot be expected to stay one step ahead of cybercriminals and adapt to new threats on their own. They need their colleagues to work mindfully and responsibly on the front lines of cyber defence, comfortable in the knowledge that everything they do is underpinned by a robust and secure IT security infrastructure, but that the final decision to click the link, send the sensitive information or download the file, lies with them. 

Conclusion

As employees prove they can work from home productively, the role of the physical office is no longer necessary. For many companies, it is a sink or swim approach when implementing a hybrid and agile workforce. Introducing and retaining flexibility in operations now will help organisations cope better with any future unprecedented events or crises.

By focusing on getting the basics right and powered by the capabilities of the Cloud, highlighting the importance of layered security and challenging existing mindsets, businesses will be able to shift away from remote workers being the ‘exception,’ to a secure and agile workforce as a whole.