'Whole companies have fallen flat' - Security experts reveal how cyberattackers have exploited the COVID-19 crisis

Josh Budd
clock • 2 min read

Security experts from Arkphire, NTT Ltd and Atea discuss the evolving threat landscape during CPI's Deskflix event

 

Security MSPs are dealing with a huge spike in ransomware attacks as a result of cybercriminals exploiting the COVID-19 crisis.

As part of CPI's DeskFlix episode on cybersecurity, which can now be watched on-demand here, security experts from leading players including Arkphire, Atea and NTT Ltd revealed the inventive ways in which cybercriminals are weaponising the COVID-19 crisis.

With a huge portion of the European workforce being asked to work from home almost overnight, cybercriminals have taken advantage of unprotected devices and used social engineering techniques to force their way into company networks.

Even industry giants such as DXC Technology and Cognizant have fallen victim to large scale ransomware attacks, with the latter expecting losses of up to $70m due to the incident.

Speaking to CPI NTT Ltd's SVP of cybersecurity in Europe, Stefaan Hinderyckx, said that the frequency and gravity of ransomware attacks has spiked over the last six months, bringing whole organisations to their knees.

Hinderyckx said that sending employees home with just 48 hours' notice has meant that most workers are using laptops that are ill-equipped to protect the user from malware.

A combination of weak endpoints, clever social engineering techniques and the creation of COVID-19 domain names led to a spike in malware and ransomware attacks so far this year.

"There's a lot of R&D going on on the dark side to actually use COVID to create fear and anxiety within the population," he said.

"Because of COVID, the click rate has increased, which has led to more ransomware launchers being downloaded to endpoints. An additional complication is that people have been sent home very rapidly. In Belgium it was within 48 hours that people had to go home and the lockdown became a fact.

All of that has increased the number of ransomware attacks, but also the gravity of them. More serious stuff is happening, like whole companies going flat because of that. So there's definitely an impact that our analysts are seeing from our managed security services operations that we run across the globe."

Meanwhile the leader of Atea's incident response team, Vegard Kjerstad, said that statistics show that remote access tools are becoming a more common point of access for cyberattackers than usual methods such as emails.

"When it comes to remote access, this is one of the ways in. remote access connections are heavily misused. A lot of statistics are saying that remote access is more commonly used than emails for these ransomware attacks. In the end they are one of the main administrators and they steal information, and threaten to sell information.

"And the ransom fees are increasing rapidly. So I was really afraid of a lot of easy remote access solutions, so we actually did a lot of customer work to check scanning their perimeter solutions and helping them improve and be preventative."

Click here to register and watch the full DeskFlix episode on-demand for free.

More on Vendor

Microsoft unveils first Windows 11 2022 update

Microsoft unveils first Windows 11 2022 update

22H2 focuses on four important innovation areas, including boosting security controls for those working in hybrid settings

clock 26 September 2022 • 2 min read
Microsoft SQL servers are being targeted in FARGO ransomware attacks

Microsoft SQL servers are being targeted in FARGO ransomware attacks

FARGO ransomware, also known as Mallox and TargetCompany, disables database protections then encrypts records within

clock 26 September 2022 • 2 min read
Pure Storage drives green efforts with new channel sustainability assessment solution

Pure Storage drives green efforts with new channel sustainability assessment solution

The tool provides power savings analysis and a greenhouse gas emissions monitor

Kelsey Rees
clock 23 September 2022 • 1 min read

Spotlight on

Register for your free place - Inside Track Security Europe Where Next For The Channel? - goes live Oct 5th

Register for your free place - Inside Track Security Europe Where Next For The Channel? - goes live Oct 5th

CPI's studio broadcast event will bring together MSP leaders such as Atea, TietoEVRY, NTT Data, Logicalis, Cloudera, Assured Data Protection and Kudelski Security from across multiple EMEA regions to share the top lucrative security opportunities right now

Nima Green
clock 26 September 2022 • 3 min read
Microsoft unveils first Windows 11 2022 update

Microsoft unveils first Windows 11 2022 update

22H2 focuses on four important innovation areas, including boosting security controls for those working in hybrid settings

clock 26 September 2022 • 2 min read
Microsoft SQL servers are being targeted in FARGO ransomware attacks

Microsoft SQL servers are being targeted in FARGO ransomware attacks

FARGO ransomware, also known as Mallox and TargetCompany, disables database protections then encrypts records within

clock 26 September 2022 • 2 min read
Ingram Micro Cloud Marketplace offers new Microsoft integration

Ingram Micro Cloud Marketplace offers new Microsoft integration

The launch of Microsoft Online Management Extension enables MSPs to expand their value-added services portfolio

Kelsey Rees
clock 26 September 2022 • 1 min read