Kasperksy has published a special report looking back at how the cyber threat landscape has evolved since the beginning of the pandemic and how it might serve as an indicator of what to expect in years to come. While it’s no surprise that cyber criminals launched a variety of scams that exploited the pandemic, with scammers often imitating leading authority figures like the CDC or WHO, somewhat surprisingly one of the most common themes exploited revolved around delivery disruptions. For example, they would send emails claiming that, due to COVID, an important delivery had been delayed and that the target must verify the new delivery information. The report also discusses how many companies made themselves vulnerable to a host of new attacks by quickly setting up remote work configurations, and without the proper security measures in place. Chief among them were brute-force attacks against the RDP protocol. Furthermore, the report notes that other remote work tools became targets for cyber attacks, such as with Zoom and Teams, becoming popular lures. Looking back on the past year, Kaspersky notes events demonstrate how willing criminals are to take advantage of crisis. Moreover, while this pandemic will subside, it certainly will not be the last crisis. Therefore, if there is has ever been a time for companies to reevaluate and bolster their security strategy, that time is now. Read the report at SecureList by Kaspersky.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!