Check Point: Cyber Threats Will Continue Long After COVID-19 Pandemic

The COVID-19 pandemic eventually will fade, but not its impact on cybersecurity, according to Check Point Software Technologies.

Organizations everywhere are at significant risk for cybercrime as they reopen their offices, it said. The primary reason behind these inevitable threats is the permanence of remote work, which Check Point calls the “new normal.”

The support of remote work required heavy reliance on the cloud, as well as online collaborations tools like Zoom. Consequently, the rapid changes exponentially grew the attack surfaces for hackers to exploit.

Check Point’s Maya Levine

Check Point surveyed 270 IT and security professionals to learn their priorities and concerns as their offices explore reopening.

Maya Levine is technical marketing engineer at Check Point. She said the pandemic has hurt businesses’ bottom line globally.

“We expect this decreasing revenue to negatively impact the ability to outsource services, even cybersecurity services critical to the pandemic response,” she said. “However, many companies will need help with ramping up their security in the face of this ‘new normal’.”

Check Point Poll Results

In the survey:

• Seventy-five percent of respondents said their offices were open again for limited numbers of employees as lockdowns lift. On average, staff are still working four out of five days at home. That means remote-working vulnerabilities and threats are here to stay.
• Over 75% of respondents said their biggest concern was an increase in cyberattacks, especially phishing and social engineering exploits. Fifty-one percent said that attacks on unmanaged home endpoints was a concern, followed by attacks against employee mobile devices at 33%.

In a separate survey, 71% of respondents reported an increase in cyberattacks during February and March.

“With the rush to enable remote access to corporate assets, many companies allowed connectivity from unmanaged home PCs that most of the time lack basic cyber-hygiene such as updated software patches, updated anti-malware or any kind of protection,” Levine said. “While 65% of respondents said their company blocks unmanaged PCs from corporate VPNs, just 29% deploy endpoint security on employees’ home PCs, and only 35% run compliance checks. Having endpoint security which can run compliance checks and enforce prevention of threats is key to securing remote workers.”

The new working conditions enforced by the global outbreak has triggered a spike in business email compromise (BEC) scams. That’s because more remote working means more opportunities to catch users off guard.

“Check Point research recently showed a 30% increase in COVID-19 related cyberattacks over the first two weeks of May, many of which involved email scams,” Levine said. “Companies should be investing in user training awareness with things such as phishing simulations to reduce the risk of BEC.”

Spike in Mobile Attacks, Data Breaches

In the past few months, Check Point researchers have seen a big jump in mobile attacks and data breaches happening from the mobile endpoint, Levine said.

“They have uncovered coronavirus-related malicious campaigns, sophisticated mobile ransomware attacks, and even mobile device management (MDM) getting weaponized to attack organizations,” she said. “If employees are accessing business resources from their mobile phone, employers must invest in mobile threat defense solutions.”

Hackers are capitalizing on organizations’ accelerated pace of digital transformation, remote access infrastructure and drastic moves to the cloud. Those will continue to be challenges for IT teams to secure, Levine said.

Organizations should be doing more to secure online collaboration tools, she said.

“Organizations should be installing endpoint security on employees’ computers with sandboxing capabilities,” Levine said. “This is a type of technology that can detect threats that have never been seen before (zero day threats) and therefore offer true prevention of threats.”

In addition, organizations should invest in network security with the capability to not only discover and inspect the applications used, but also expose actual user actions during the video conference session, she said.

“An attacker can leverage the ability to share files in video conference applications by uploading malicious content into public rooms, potentially infecting endpoints and mobile devices,” Levine said. “Your network security solution should have the capability to block file upload/download for a specific application.”

Every company now needs to rely more on its employees to guard its data and critical network credentials.

“The COVID-19 pandemic may be fading, but the cyber-crime pandemic it triggered is here to stay,” said Rafi Kretchmer, Check Point’s vice president of product marketing. “However, with the right approach to security, we can prevent attacks from causing widespread damage and disruption.”