The speed at which organizations are being forced to respond to the unfolding COVID-19 health crisis could be leaving many of them vulnerable to attack by threat actors rushing to exploit the situation.
Over the past few weeks security vendors and researchers have reported an increasing number of malicious activities tied to COVID-19 that they say are elevating risks for organizations across sectors, especially healthcare and law enforcement.
Predictably, a lot of the activity has involved phishing and social-engineering campaigns where COVID-19 has been used as a thematic lure to get people to click on malicious attachments and links in emails or to download malware on mobile and other devices. There have also been reports about account takeover and business email compromise activity, a growth in domains serving up drive-by malware, and attempts to exploit virtual private networks (VPNs) and other remote access tools.
The danger posed by these threats has been exacerbated by new requirements for "social distancing" and the resulting push by many organizations to widen or implement telework capabilities for their workforce. The sudden COVID-19-related surge in the use of videoconferencing, remote access, and VPN services — especially at organizations that have not used them before — is giving attackers more targets to go after and defenders a lot more terrain to protect.
"Many companies did not have the infrastructure for this sort of work and had to deploy it quickly," says Omri Herscovici, security research team leader at Check Point.
This includes externalizing internal Web services and email access, desktop, and other internal resources. In some cases, internal services that may not have been previously accessible from out ..
Support the originator by clicking the read the rest link below.
