Cybersecurity and pandemic: expanding the scope of attack
Online crime and coronavirus today are strongly linked.
Hackers continue to use the health crisis to further spread their field of attack. Whether it's news or old vulnerabilities, anything can be used when you've decided to target computer systems to do as much damage as possible.
Computer security experts are now unanimous, the pandemic of Covid-19 has allowed cybercrime to expand its attack area. And the causes are diverse but concrete. As the main cause, we have telework, which has led to the switch of a large part of employees to using remote computer services to keep afloat, the activities of their companies despite the containment that forced them to stay at home. Unfortunately, the implementation of a system has not been done according to the rules of the art. The consequences of a telework deployment quickly became noticeable. Companies that have exposed their computer systems and networks in spite of themselves have faced an increase in attacks. Even more advanced, and more massive. It must be admitted that they were helped in their tasks. Indeed, the majority of teleworkers continued to operate using devices, which were originally intended for personal use. Tools that were much more exposed to cybercrime were used to access servers, information and networks that are supposed to remain professional and sensitive.
However, it is to be expected that such a situation may continue for quite some time
According to a recent analysis by RiskIQ, a company specializing in cybersecurity, specifically in digital asset protection, there were nearly 2,959,498 records of domain names and new unique hosts to the tune of 772,786,941. Such a result was possible thanks to an Internet scanner tool that would analyze the web over a period of 2 weeks. Thanks to the data collected, the company was able to develop a report on the state of the Internet.In addition, the top ten thousand websites on Alexa's list, operate under a management platform already well known like WordPress. Platforms that are usually riddled with cyber criminals because they are a little too popular. For example, about 13,222 WordPress plugins work on these detected websites. Computer security specialists consider its tools to be the most common source of vulnerabilities. In this regard, RiskIQ notes that out of 2480 Alexa domains, out of the top 10,000, at least one potentially risky component could be identified on each of them. The security company has successfully detected nearly 8121 web components at risk of vulnerability. "While some of these instances will receive patches and others will benefit from mitigation controls to prevent the exploitation of known vulnerabilities and vulnerabilities, not all jurisdictions will," RiskIQ warns.
Moreover, by analysing the Internet assets of very large British companies in particular some of the stock index. The security company has identified the use of 324 outdated certificates each company, 46 web framework affected by previously identified security vulnerabilities, 80 expired PHP 5.x instances and nearly 664 versions of web servers stopped by old uncorrected vulnerabilities. "While the line between what is inside and outside the firewall is becoming less and less noticeable, it must be considered today that a company's attack surface – all it needs to worry about – now includes inside the company's network and extends to the outer limits of the Internet, and even to the employees' homes," the firm says in its report. "The depth and extent of the surface to be defended could discourage security teams. However, looking at the Internet from the point of view of the attacker – a series of digital assets to be exploited in future campaigns – we can put into perspective the size of the company's attack surface."
In addition, one of the risks to which employees are most exposed is malware used to steal user data. As mentioned above, the majority of employees use personal tools for their work, increasing the risk of cyber-friendly acts such as phishing. And this from social networks to media platforms. Not to mention the malicious advertisements that are most often affiliated with mobile applications. RiskIQ's report mentioned the fact that nearly 170,796 mobile applications, despite being blacklisted, were available at 120 online app stores last year. On the Google PlayStore, 25,000 malicious applications have been identified. "In a world of digital engagement, users find themselves outside the traditional security perimeter, and an increasing number of corporate digital assets are exposed to malicious actors (…) Today, companies need to adopt security strategies that take this change into account. Attackers now have many more access points to explore or exploit, and these access points are little or no monitoring." RiskIQ concludes in its report.
Now access an unlimited number of passwords: