Security MSPs are dealing with a huge spike in ransomware attacks as a result of cybercriminals exploiting the COVID-19 crisis.
As part of CPI's DeskFlix episode on cybersecurity, which can now be watched on-demand here, security experts from leading players including Arkphire, Atea and NTT Ltd revealed the inventive ways in which cybercriminals are weaponising the COVID-19 crisis.
With a huge portion of the European workforce being asked to work from home almost overnight, cybercriminals have taken advantage of unprotected devices and used social engineering techniques to force their way into company networks.
Even industry giants such as DXC Technology and Cognizant have fallen victim to large scale ransomware attacks, with the latter expecting losses of up to $70m due to the incident.
Speaking to CPI NTT Ltd's SVP of cybersecurity in Europe, Stefaan Hinderyckx, said that the frequency and gravity of ransomware attacks has spiked over the last six months, bringing whole organisations to their knees.
Hinderyckx said that sending employees home with just 48 hours' notice has meant that most workers are using laptops that are ill-equipped to protect the user from malware.
A combination of weak endpoints, clever social engineering techniques and the creation of COVID-19 domain names led to a spike in malware and ransomware attacks so far this year.
"There's a lot of R&D going on on the dark side to actually use COVID to create fear and anxiety within the population," he said.
"Because of COVID, the click rate has increased, which has led to more ransomware launchers being downloaded to endpoints. An additional complication is that people have been sent home very rapidly. In Belgium it was within 48 hours that people had to go home and the lockdown became a fact.
All of that has increased the number of ransomware attacks, but also the gravity of them. More serious stuff is happening, like whole companies going flat because of that. So there's definitely an impact that our analysts are seeing from our managed security services operations that we run across the globe."
Meanwhile the leader of Atea's incident response team, Vegard Kjerstad, said that statistics show that remote access tools are becoming a more common point of access for cyberattackers than usual methods such as emails.
"When it comes to remote access, this is one of the ways in. remote access connections are heavily misused. A lot of statistics are saying that remote access is more commonly used than emails for these ransomware attacks. In the end they are one of the main administrators and they steal information, and threaten to sell information.
"And the ransom fees are increasing rapidly. So I was really afraid of a lot of easy remote access solutions, so we actually did a lot of customer work to check scanning their perimeter solutions and helping them improve and be preventative."
Click here to register and watch the full DeskFlix episode on-demand for free.
Cloud services provider’s shares fall by more than 20 per cent after opening bell
Collabtech opens HQ in UK
Paris-based engineering firm posts €294m loss in first half of 2020
We break down the key points on the rationale behind the move and how it will impact its MSP business
Move would establish MSP arm as a standalone company under existing president John Pagliuca