600% increase in malicious emails during Covid-19 crisis
S Mohini Ratna, Editor, VARINDIA
Malicious emails have increased by 600% during the Covid-19 pandemic, and the crisis is moving the world toward increased technological innovation and online collaboration. There have also been worrying reports of cyber attacks against health care organizations and medical research facilities worldwide. This is because growing digital dependency has increased vulnerability to cyber attacks. It is estimated that one such attack takes place every 39 seconds.
The current pandemic has changed the way we work, and this looks set to remain the case for the long term at the very least. Changes in behavior due to lockdown restrictions have caused measurable changes in the usage of both fixed and mobile networks. The largest share of the traffic increase has been absorbed by fixed residential networks, which have experienced 20-100 percent growth. But many service providers also noticed a spike in demand on their mobile networks.
Even with the changing landscape, organisations today are seeking out solutions that can help them gain a foothold in the post-pandemic future. In the current global scenario, more public and private organisations across developing countries are moving towards implementing AI and RPA solutions to assist in business functionality.
While Indian organizations have improved their cyber resiliency by hiring skilled professionals and through overall planning, a lot more needs to be done to manage the dynamic cybersecurity landscape. Organizations need to test their cybersecurity incident response plan regularly and leverage technologies like automation, cloud, AI, and interoperable solutions to help them sail through any unforeseen situation arising from emerging threats.
A new global report from IBM Security found that even amongst organizations with a formal cybersecurity incident response plan (CSIRP), only 33% had playbooks in place for specific types of attacks. Since different breeds of attack require unique response techniques, having pre-defined playbooks provides organizations with consistent and repeatable action plans for the most common attacks they are likely to face.
Amongst the minority of responding organizations who do have attack-specific playbooks, the most common playbooks are for DDoS attacks (64%) and malware (57%). While these methods have historically been top issues for the enterprise, additional attack methods such as ransomware are on the rise. While ransomware attacks have spiked nearly 70% in recent years, only 45% of those in the survey using playbooks had designated plans for ransomware attacks.
Technology was another differentiator that helped organizations in the report become more cyber resilient, especially when it comes to tools that helped them resolve complexity. Overall, the data suggests that surveyed organizations that were more mature in their response preparedness relied more heavily on technology innovations to become more resilient.
We can’t deny the fact that more tools have led to worse response capabilities. The report also found that complexity is negatively impacting incident response capabilities. Those surveyed estimated their organization was using more than 45 different security tools on average, and that each incident they responded to required coordination across around 19 tools on average. However, the study also found that an over-abundance of tools may actually hinder organizations’ ability to handle attacks. Adopting more tools didn’t necessarily improve security response efforts; in fact, it may have done the opposite.
Secondly, containerization has many benefits and as a result it has seen wide adoption. According to Gartner, by 2020, more than 50% of global organizations will be running containerized applications in production. However, building apps using Docker containers also introduces new security challenges and risks. A single compromised Docker container can threaten all other containers as well as the underlying host, underscoring the importance of securing Docker.
Organizations have to manage risk while empowering business mobility, controlling access to applications and data across any location, network and device so that the modern workforce can be more productive. Container workloads are deployed as part of an architecture that may include public clouds (AWS, GCP, Azure), private clouds (VMware) and hybrid clouds integrated with traditional workloads consisting of servers and VMs, while working with serverless components on the compute side.
It is definitely a challenging time ahead for IT and security leaders, who must reduce business risk to acceptable levels while ensuring ease of use and productivity, amid increasing demand for agility and flexibility while most employees are working from home. At the same time, it’s essential to protect enterprise apps and data from being compromised by security threats, prevent loss and theft, and ensure full compliance with standards and regulations.
A Covid-19 vaccine doesn’t exist yet, although trials of potential vaccines are ongoing. I would like to say that, as the first half of the year has passed with deep difficulties, we have to live with the hope that the vaccine will come in the remaining half of the year.
Please don’t forget to share your comments on our newer initiative, VARINDIA News Hour, which is a digital TV channel on YouTube and is also available on all digital mediums. Please stay safe and healthy.