VMware Releases Global Incident Response Threat Report Detailing Surge in Sophisticated Cyberattacks as eCrime Groups Grow More Powerful
October 21, 2020VMware, Inc. released the results of its sixth Global Incident Response Threat Report, entitled: “The Cybersecurity Tipping Point: Election, COVID-19 Create Perfect Storm for Increasingly Sophisticated Cyberattacks.”
The research found the cybersecurity challenges of the global pandemic are now colliding with the 2020 U.S. presidential election resulting in a surge of cyberattacks. As eCrime groups grow more powerful, these attacks have grown increasingly sophisticated and destructive – respondents reported that 82 percent of attacks now involve instances of counter incident response (IR), and 55 percent involve island hopping, where an attacker infiltrates an organization’s network to launch attacks on others within the supply chain.
“The disruption caused by COVID-19 has created a massive opportunity for criminals to restructure their businesses,” said Tom Kellermann, Head of Cybersecurity Strategy, VMware Carbon Black. “The rapid shift to a remote world combined with the power and scale of the dark web has fueled the expansion of eCrime groups. And now ahead of the election, we are at cybersecurity tipping point, cybercriminals have become dramatically more sophisticated and punitive focused on destructive attacks.”
Data for the report is based on an online survey of eighty-three incident response (IR) and cybersecurity professionals from around the world in September 2020. The key survey findings from IR and cybersecurity professionals include:
- Incidents of counter IR are at an all-time high, occurring in 82% of IR engagements – suggesting the prevalence of increasingly sophisticated, often nation-state attackers, who have the resources and cyber savvy to colonize victims’ networks. Destructive attacks, which are often the final stage of counter IR have also surged, with respondents estimating victims experience them 54% of the time.
- 55% of cyberattacks target the victim’s digital infrastructure for the purpose of island hopping. The pandemic has left organizations increasingly vulnerable to such attacks as their employees shift to remote work – and less secure home networks and devices.
- Custom malware is now being used in 50% of attacks reported by respondents. This demonstrates the scale of the dark web, where such malware and malware services can be purchased to empower traditional criminals, spies and terrorists, many of whom do not have the sophisticated resources to execute these attacks.
- As we approach the presidential election, cybersecurity remains a top concern and nation-state attackers pose a significant threat. Drawing upon their security expertise – and in line with recent advisories from Cybersecurity & Infrastructure Security Agency (CISA) – 73% of respondents believe there will be foreign influence on the 2020 U.S. presidential election, and 60% believe it will be influenced by a cyberattack.
For more on the evolving threat landscape and best practices for IR and security teams looking to fight back, download the full report here.