Cynet analysed its aggregate company data in Italy and found that companies with higher proportions of employees working remotely due to COVID-19 cases saw a rise in phishing attacks, compared to countries with fewer attacks.
These phishing attacks include those targeting remote user credentials, as well as weaponised email attacks.
35% of personal email systems encountered attacks involving exploitation of or redirection to malicious websites, while 32% were affected by malicious macros, and 21% by more simplistic means involving malicious links embedded in the email body.
Malicious remote login attempts have also been found to increase in a similar fashion to phishing attacks among Cynet customers.
Experts suggest ways to avoid phishing, as news of more cunning attacks emerge
The findings were announced via a blog post.
Means of protection
In regards to how cyber attacks were prevented from infiltrating company systems, over 40% were nullified by behavioural analysis, while almost 30% were stopped by static analysis on the part of machine learning,
Memory monitoring, meanwhile, did the trick for nearly 20%, and slightly over 10% by identification and blocking attacks using the user’s signature.
“The fact that only 10% of the malware attacks were identified by their signature indicates that the attackers behind these campaigns are using advanced attacking tools to take advantage of the employees working in non-secure home computing environments,” said Eyal Gruner, CEO and co-founder of Cynet.
“Our recommendation is for those employees to request enhanced offsite security and support to protect malicious access to sensitive IT systems and data.”
Cynet said in its blog post that the findings serve as a warning for CISOs worldwide in regards to possible vulnerabilities as a result of the COVID-19 pandemic.