Mimecast today announced the publication of its new “The Year of Social Distancing” global report. Drawing on data from the Mimecast threat intelligence team, the report details how threat actors targeted remote workers during the first year of the pandemic, March 2020 – February 2021. The report describes how attack volume surged by 48% during the first year of the pandemic, with sudden increases in volume corresponding to spikes in COVID-19 infection rates in April and October 2020.
“Threat actors took advantage of the pandemic to launch a torrent of COVID-19-themed social engineering attacks, understanding that people were under stress working in the home environment, and thus more likely to be deceived and make mistakes,” said Josh Douglas, vice president, product management at Mimecast. “The second part of that strategy was to ‘flood the zone’ in security operations centers. They knew analysts would also be stressed and stretched thin, so overwhelming them with a high volume of threats would increase the likelihood of their attacks slipping through defenses.”
The report also examines the cyber habits of at-home workers, which revealed some alarming facts, including:
• A 3x rise in unsafe clicks in March 2020, right when the work-from-home trend began.
• In the UAE, 61 % of the respondents admitted to opening suspicious emails, while 50% do not report suspicious emails to their IT or security teams.
• 87% of UAE respondents extensively use their company-issued device for personal matters, with two-thirds (66%) admitting to an increase in frequency since starting to work remote.
Even though vaccine rollouts have begun and organizations may soon start making plans for people to return to offices in the months ahead, the Mimecast threat intelligence team has assessed the likelihood of threat actors continuing to exploit the unsettled work situation as very likely (>=95%). These exploitation efforts will likely focus both on remote workers and those returning to the office – which creates the possibility of a new “unsettled” situation that opens the door for the possibility of new waves social engineering campaigns.
“We’re now seeing sophisticated digital-deception campaigns where threat actors combine COVID-19-related social engineering with multi-channel campaigns – including email, social media and even phone – to gain credibility with their targets so they can then be tricked into giving away valuable information or credentials,” said Douglas. “We expect this challenging threat environment to continue for the foreseeable future as employees transition to the new normal – which in many cases will be a hybrid in-office/at-home work mix. It has never been more important for enterprises to take steps to counter these digital-deception campaigns by hardening employees as targets through ongoing cybersecurity training programs, and to secure the infrastructure of the new ‘virtual workplace’ – particularly email and collaboration tools.”