#ISC2Congress: The #COVID19 Cyber-Threat Landscape for Businesses

The cyber-threats faced by businesses in 2020 have not varied a significant amount in 2020, despite the major changes to working practices brought about by COVID-19, according to Graham Cluley, cybersecurity blogger and researcher, speaking during a keynote session at the virtual (ISC)2 Security Congress.

“Most of the attacks we’re seeing during 2020 are variations on a theme that we’ve seen many times, such as phishing attacks, ransomware and business email compromise (BEC),” he explained. “They haven’t disappeared into thin air during the COVID-19 pandemic; they’ve multiplied and continued to target unprepared users and ill-prepared organizations.”

However, companies are much more vulnerable to these common tactics now, with employees operating at home where they are often heavily distracted and without easy access to IT support. Cluley noted: “We’re still being expected to determine if a link can be trusted or not and we’re sometimes making big mistakes as a result.”

He added that these attempts to trick users into clicking malicious links are becoming increasingly sophisticated, easily mistaken for something legitimate, such as appearing to be Google docs.

Another big issue is that there is now no longer a single building that can be fortified to protect companies, with their infrastructure spread out across multiple homes and networks. This means an individual falling prey to a phishing scam at home can lead to major consequences for organizations. Cluley outlined: “It’s presence may not be noticed for weeks, and stealing information and credentials, learning about your business.” Therefore, protecting against unauthorized access, such as through using more multi-factorial authentication (MFA), critical in this new environment.

Organizations also need to consider the threats posed ..

Support the originator by clicking the read the rest link below.