Recently, Crowdstrike published a new report that reveals the significant rise in eCrime activity, and the shift in targeted industries over the course of the pandemic. The report notes how Crowdstrike has seen more intrusion attempts on networks belonging to their customers in the first 6 months of this year, than in all of 2019. Admittedly, one of the largest drivers for this activity was the rapid use and deployment of remote workforces in response to COVID-19. This switch expanded the attack surface for many organizations in a rapid timeframe, which attackers were quick to try and exploit.
Another significant factor in the amount of activity was the growing availability of ransomware as a service (RaaS) offering. A significant amount of these attacks also involved the theft of sensitive user information, and subsequent attempts to extort victims by publicly releasing that data. Jennifer Ayers, vice president of OverWatch and Security Response stated “Just like everything this year, the threat landscape has proven unpredictable and precarious as eCrime and state-sponsored actors have opportunistically taken aim at industries unable to escape the chaos of COVID-19, demonstrating clearly how cyber threat activity is intrinsically linked to global economic and geo-political forces”. It is this reason specifically why organizations must strive to implement a layered defense system that incorporates endpoint detection and response, threat hunting, strong passwords and employee education.
CyberForce|Q strives to bring organizations from a reactive, to a pro-active security posture. If you would like to talk to a CyberForce|Q security professional about how we can help, please visit our website and complete the contact form so that we can get in touch.
Link to the Crowdstrike press release: https://www.crowdstrike.com/press-releases/crowdstrike-threat-hunting-report-reveals-rise-in-ecrime-during-pandemic/