COVID-19 has made working from home a new normal, which in turn has shifted the focus of cybercriminals. Now, attackers are shifting focus from sectors that are not fully operational due to coronavirus lockdowns (like travel and hospitality) towards the sectors supporting digital businesses (like the IT industry), which picked up huge traction during the global lockdown.
Effect of work-from-home culture
According to a recent survey by Specops Software, while a large number of people started working from home, cyber attackers also changed their attack preferences towards sectors that they found promising.
- The three top sectors that witnessed the highest growth in cybersecurity threats include computer and IT (impacting 78% of the business owners), medical and healthcare (73%) and banking, finance, and accountancy (67%).
- The three least impacted sectors include travel & hospitality (31%), education & training (36%), and creative arts & design (43%).
The new favorites of attackers
The above numbers provide an indication that cybercriminals seem to be focusing more on lucrative business sectors including Information Technology (IT), while they are moving away from the other sectors like transportation and hospitality industry.
IT sector under pressure
- Most vendors offering popular communication products like Office 365, Zoom, and several others (including Cisco WebEx, Google Meet, and Slack) have been facing security concerns since the beginning of the work-from-home era.
- The UK’s National Cyber Security Centre (NCSC) and the US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) also raised a joint advisory, mentioning that several threat actors have been aggressively attempting to exploit the infrastructure used for home-based work, like VPNs and other remote work tools.
The cyberattack statistics also indicate that even the sectors that are worst hit due to the coronavirus (like travel and hospitality) are also showing some positive growth in cyber threats. This suggests that attackers are still actively hitting organizations across all sectors, even when they are not fully operational due to coronavirus lockdown. And the best way to deal with this is to redefine their security boundaries to include work from home aspects and follow all possible recommendations such as training employees against frequent cyber threats, using multi-factor authentication, and securing VPN connections.