During the cybersecurity segment of the WaterISAC COVID-19 Web Briefing yesterday, we stressed that the current cyber threat landscape is not experiencing new/emerging threats. We stated how the ploys are the same, but it is the overall volume of attack techniques using coronavirus-themes that has increased. In other words, the product is the same, it has just been rebranded to appeal to more consumers. The consumers in this analogy are everyone keeping up on the news and information cycle related to coronavirus – so… everyone. The explosion of people unfamiliar with working remotely, many who do not have the best cyber hygiene, is also a contributor to the effectiveness of this rebranding. In the office we can protect them from themselves to a degree, but at home on personal devices with all of the new distractions and increased anxiety and concern, all bets are off. We also stated how cyber threat actors closely follow the news and information cycle, and that they acutely understand, mimic, and adjust/adapt their techniques to the digital messaging organizations are disseminating to trick (social engineer) us into clicking on enticing lures. In corroborating reports, cybersecurity firm Fireeye and global software giant Microsoft discuss similar points on attackers use of the same techniques with different themes. Likewise, cybersecurity firm Secureworks provides more detail and examples on how quickly threat actors adapt their attack themes to the ever-changing physical pandemic landscape.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!