COVID-19 pandemic has pushed the concept of remote working beyond any preconceived growth expectations. It doesn’t appear a short-term situation as many organizations and their employees benefit from this new business structure. Rightfully so, IT and security teams should be “virtual” fist-bumping to celebrate rapidly transitioning operations and, in most cases, avoiding any extensive downtime or security breach. After a momentary breath, businesses must now look to long term operational sustainability and security. Organizations must soon revisit and reassess the security gaps or corners cut in haste to deliver services so as not to leave convenient doors open for attacker exploitation. We’ve seen before that attackers seek to capitalize on times of disruption like these both for quick wins and establishing a foothold for a more sophisticated attack.
An Uptick in Cyberattack Frequency
According to the FBI, cybercrime has increased 300% since the start of the COVID-19 pandemic. If there was ever a time for attackers to open their crime toolboxes, it is now. We also may not have seen the worst of things. Dwell time – the time to detect attackers within the network – currently averages months. With this in mind, advanced attackers may not have come forward yet to reveal their inside presence or to present their demands. During this next phase of supporting remote workers, organizations must have robust detection capabilities that can not only alert security teams promptly when an adversary evades prevention defenses but also deliver company-centric threat intelligence on attacker methods and targets.