Remote Workers In The Crosshairs: Mimecast Publishes New Report Detailing Threat Actor Attacks During “The Year Of Social Distancing”

0
 Mimecast Limited  a leading email security and cyber resilience company, announced the publication of its new “The Year of Social Distancing” global report. Drawing on data from the Mimecast threat intelligence team, the report details how threat actors targeted remote workers during the first year of the pandemic, March 2020 – February 2021. The report describes how attack volume surged by 48% during the first year of the pandemic, with sudden increases in volume corresponding to spikes in COVID-19 infection rates in April and October 2020.

“Threat actors took advantage of the pandemic to launch a torrent of COVID-19-themed social engineering attacks, understanding that people were under stress working in the home environment, and thus more likely to be deceived and make mistakes,” said Josh Douglas, vice president, product management at Mimecast. “The second part of that strategy was to ‘flood the zone’ in security operations centers. They knew analysts would also be stressed and stretched thin, so overwhelming them with a high volume of threats would increase the likelihood of their attacks slipping through defenses.”

The report also examines the cyber habits of at-home workers, which revealed some alarming facts, including:

  • A 3x rise in unsafe clicks in March 2020, right when the work-from-home trend began.
  • U.S. workers were nearly twice as likely to open suspicious emails as were workers in the U.K. and Germany.
  • A 60% increase in the use of company-issued computers for personal business.

Even though vaccine rollouts have begun and organizations may soon start making plans for people to return to offices in the months ahead, the Mimecast threat intelligence team has assessed the likelihood of threat actors continuing to exploit the unsettled work situation as very likely (³95%). These exploitation efforts will likely focus both on remote workers and those returning to the office – which creates the possibility of a new “unsettled” situation that opens the door for the possibility of new waves social engineering campaigns.

“We’re now seeing sophisticated digital-deception campaigns where threat actors combine COVID-19-related social engineering with multi-channel campaigns – including email, social media and even phone – to gain credibility with their targets so they can then be tricked into giving away valuable information or credentials,” said Douglas. “We expect this challenging threat environment to continue for the foreseeable future as employees transition to the new normal – which in many cases will be a hybrid in-office/at-home work mix. It has never been more important for enterprises to take steps to counter these digital-deception campaigns by hardening employees as targets through ongoing cybersecurity training programs, and to secure the infrastructure of the new ‘virtual workplace’ – particularly email and collaboration tools.”

Download the full global report here – “The Year of Social Distancing.”

Image Licensed by: Pixaby.com

Related News: 

BeyondTrust Finds 56 Percent of Critical Microsoft Vulnerabilities can be Mitigated by Removing Admin Rights

Barracuda enhances solution and service offering for today’s security-centric MSP

Share.

About Author

Leigh Porter's first love is to love people. Beginning her career as a neonatal RN was an obvious choice until life threw the curve ball to embark on a new IT endeavor. Pursuing this fresh career was a piece of cake with her resilient and steadfast character. Outside of the office, Leigh also diligently gives much of her time faithfully as a nationally awarded volunteer leader to a very dear to her heart organization.