There is no doubt that the Cybersecurity Threat Landscape has always been an ever-changing, dynamic one.  But with the advent of COVID-19, this picture has changed to a degree that nobody had ever imagined before.  For example, the virus originally started out in the Wuhan Province of China, and theories so far have speculated that it originated in a meat market of sorts.  When the first reports of this started to break into the news headlines in December 2019, pretty much the entire world thought it would be localized to China.

But just like wildfire, it has spread throughout the world so quickly that people are still coming to grips with it, including here in the United States.  COVID-19 has affected people from all walks of life, and every industry.  But probably its greatest impact has been felt in the Cybersecurity Industry, and some of the effects are as follows:

  • Work From Home (WFH):

Although there is nothing new about this concept, the notion of having an almost 99% remote workforce was not actually conceivable until at least 2023 or even 2024.  But this has now become a reality in just a matter of a few months' time.  While this has been a silver lining of sorts, it has brought its own host of security issues, which many IT Security teams have not yet been able to deal with adequately.  For example, many remote workers are now using their home networks to log into the corporate network.  While many businesses have made full use of Virtual Private Networks (VPNs), the mixture of these and the home network has actually created new backdoors through which the Cyberattacker can further penetrate corporate networks.  Also, in the rush to get employees working remotely, many businesses did not adequately prepare for company-issued devices to be provisioned, and as a result, many remote employees are now using their own personal devices to conduct their daily job tasks.  Finally, many IT Security teams have not been able to keep up with a regular regimen of applying software patches and firmware upgrades to their respective IT and Network Infrastructures.

  • The targeting of video conferencing packages:

Since so many people are working from home, the ability to meet face to face with coworkers, clients, or prospects has almost become a moot point.  As a result, many businesses now have to use video conferencing tools, such as Zoom.  But with this sheer demand, these tools have also come into the crosshairs of the Cyberattacker, in a threat vector known specifically as “Zoombombing”.  It can be defined as follows:

“This is when an unauthorized person or stranger joins a Zoom meeting/chat session and causes disorder by saying offensive things and even photobombing your meeting by sharing pornographic and hate images.”

(SOURCE:  1).

It is important to note that it is not just the private sector that has been impacted, but many others as well, especially the nonprofit and academic/educational sectors.

  • Phishing based Emails:

Like working from home (WFH), this is not a new concept.  In fact, Phishing has its roots in the early 90’s, but its first major impact did not happen until the height of the Internet boom.  This was when AOL, the largest ISP at that time, was impacted, and hundreds of thousands of Personal Identifiable Information (PII) datasets were stolen.  Of course, since then, Phishing attacks have become very covert and extremely sophisticated, to the point that it can even be difficult for a well-trained Cyber expert to tell the difference between a real and a fake email message at first glance.  The traditional objective of the Cyberattacker has been to lure the victim into logging into phony financial websites, such as that of PayPal, etc.  But with COVID-19, the Phishing scene has further evolved into spoofing health related websites.  For example, the World Health Organization (WHO) has been a huge target, in which the unsuspecting victim is lured into providing their login information in order to gain access to documents about the virus, which actually have malicious macros embedded in them.

  • The registering of COVID-19 domains:

Once COVID-19 hit, the registering of any and all related domains spiked to levels that nobody had seen before.  For example, different combinations were registered, such as “COVID 19”, “COVID-19”, “COVID”, and even “Coronavirus”.  This uptick can be seen in the illustration below:

(SOURCE:  2).
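A defender can screen DNS query logs for hostnames built from the keyword combinations listed above. The following is an added example, not part of the original article; the log format, hostnames, allowlist entry, and the digit look-alike mapping are all assumptions constructed for illustration.

```python
import re

# Keyword combinations named in the text, in separator-free lowercase form.
# Ordered so the most specific match is reported first.
KEYWORDS = ("covid19", "coronavirus", "covid")

# Assumption: digit-for-letter swaps are limited to 0->o and 1->i.
LOOKALIKES = str.maketrans({"0": "o", "1": "i"})

QUERY_RE = re.compile(r"\bquery=(\S+)")


def match_keyword(hostname):
    """Return the first keyword found in hostname, or None."""
    # Drop dots, hyphens and other separators so "covid-19" becomes "covid19".
    stripped = re.sub(r"[^a-z0-9]", "", hostname.lower())
    forms = (stripped, stripped.translate(LOOKALIKES))
    for kw in KEYWORDS:
        if any(kw in form for form in forms):
            return kw
    return None


def flag_covid_domains(log_lines, allowlist=frozenset()):
    """Return (hostname, keyword) pairs for queried names that need review."""
    hits, seen = [], set()
    for line in log_lines:
        m = QUERY_RE.search(line)
        if not m:
            continue
        host = m.group(1).lower().rstrip(".")
        if host in seen or host in allowlist:
            continue
        seen.add(host)
        kw = match_keyword(host)
        if kw:
            hits.append((host, kw))
    return hits


# Constructed sample log lines (hypothetical format and names).
SAMPLE_LOG = [
    "2020-03-20T10:01:02Z client=10.0.0.5 query=covid-19-relief.example",
    "2020-03-20T10:01:09Z client=10.0.0.7 query=c0r0navirus-map.example",
    "2020-03-20T10:02:11Z client=10.0.0.5 query=mail.example.org",
    "2020-03-20T10:02:40Z client=10.0.0.9 query=COVID.intranet.example.",
    "2020-03-20T10:03:05Z client=10.0.0.7 query=c0vid19-test.example",
]
ALLOWLIST = frozenset({"covid.intranet.example"})

if __name__ == "__main__":
    for host, kw in flag_covid_domains(SAMPLE_LOG, ALLOWLIST):
        print(f"review: {host} (matched '{kw}')")
```

A keyword hit only marks a hostname for review; legitimate health and government sites use the same words, which is why the allowlist is applied before matching.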

The Modern Security Threat Landscape

So as one can see, the modern Cyber threat landscape has now pretty much become a COVID-19 related one.  Keep in mind that the major threat vectors detailed in the last section are just the tip of the iceberg.  Because of the pandemic, many new threat variants will also slowly emerge into view, but right now they cannot be gauged with any clarity or certainty.  The following illustration also depicts this well:

(SOURCE: 2).

As one can see, the huge uptick in Cyberattacks started to hit right in the middle of March and will only grow further from there.  But there are other alarming statistics to consider as well, which were present well before COVID-19 even hit.  For example:

  • Threat vectors generate an average of $1.5 Billion in profits every for Cyberattackers;
  • By the year of 2021, a majority of Cryptocurrency activity (at least 70%) will be deemed to be illegal in nature;
  • Just within the last five years (starting in 2015), Cyberattacks have increased by 675;
  • Almost half (40%) of all Cyberattackers now target the SMBs;
  • A Ransomware attack happens at least every 14 seconds;
  • As just described in the last section, Phishing is still the most popular threat vector, with 76% of businesses in Corporate America being hit;
  • 92% of all Malware is spread by Phishing based Emails;
  • Unpatched IT and Network Infrastructures (this includes both software and firmware upgrades) are the trigger points for 22% of the Cyberattacks that happen.

(SOURCE:  3).

SOURCES