VMware Research: 'Overwhelming' Volume of COVID-19 Cyberattacks

The COVID-19 pandemic has overwhelmingly impacted the cyberattack landscape, according to the latest VMware research.

The VMware report, titled “Extended Enterprise Under Threat,” is based on a survey of 250 U.S. CIOs, CTOs and CISOs. Opinion Matters, an independent research company, compiled data for the report in March and April on behalf of VMware Carbon Black.

The VMware research shows an increase in both cyberattack volume and breaches during the past year. This has prompted increased investment in cyber defense. And U.S. businesses already are using an average of more than nine different cybersecurity tools.

Rick McElroy is cyber security strategist at VMware Carbon Black. He said 89% of U.S. respondents experienced cyberattacks linked to COVID-19 malware.

VMware Carbon Black’s Rick McElroy

“Additionally, across the globe, organizations reported the inability to implement multifactor authentication (MFA) has been [the] biggest security and business resilience threat during COVID-19,” he said.

Organizations should adopt the Mitre ATT&CK framework for their security programs, McElroy said.

“While some have implemented them, quite a number of respondents still say they haven’t aligned with it,” he said. “This along with MFA would take a huge swing at preventing, detecting and responding to the two critical techniques attackers use: lateral movement and credential harvesting. If you can stop or detect those, you are in a much better place then other organizations.”

Blame the OS

Operating system (OS) vulnerabilities are the leading cause of breaches. Also, web application attacks and island-hopping are common breach causes.

According to a supplemental survey of more than 1,000 respondents from the United States, United Kingdom, Singapore and Italy, 88% of U.S. cybersecurity professionals said the work-from-home trend has led to more attacks.

“A number of issues were highlighted during the initial COVID-19 outbreak,” McElroy said. “The two top ones were weaknesses in disaster recovery and business continuity plans. Teams saw a number of areas where communications to external third parties, customers and employees broke down and had gaps around visibility into cybersecurity threats.”

Eighty-four percent of U.S. respondents said they encountered problems around enabling a remote workforce.

“The large number of breaches reported by each team is actually a good sign,” McElroy said. “It means we have better people, processes and technologies in place to identify the breaches that are occurring. There’s still some work to do to get to the root cause of these breaches and vulnerabilities, but the increase in visibility is a step in the right direction.”