During periods of fear and uncertainty, such as the COVID-19-dominated period we’re living in now, the risk for cyberattacks, such as DDoS attacks and costly data breaches increases exponentially. For some perspective, recent data shows (before coronavirus lockdowns and its unforeseen security risks hit):
- In H1-2019, according to Forbes, data breaches exposed 4.1 billions records, including private credentials.
- The average cost of a data breach is USD 3.9 million, according to IBM.
- Cybercrime will cost businesses as a whole USD 6 trillion by 2021.
Taking the unpredictable COVID-19-related threats and strains into account, we could be looking at even more dramatic threats and risks.
COVID-specific security challenges
Another growing class of threat is the rise of COVID-19-specific challenges, which prey on the vulnerabilities of both systems and humans. According to security firm Zscaler, companies have seen a staggering 30,000% increase in various cybersecurity threats since January 2020.
- COVID and government-themed phishing emails (to the tune of 240 million emails daily by mid-April), e.g., offering information on applying for COVID-19 stimulus or unemployment funding
- a slew of ransomware attacks, often aimed at healthcare organizations and hospitals, which cannot afford the cost and downtime of such threats at the best of times
- a massive increase in number of attacks targeting remote workers, such as fake software/apps, such as VPN ‘updates’ containing malware, trojanized/booby-trapped versions of popular apps like Skype or Signal that contain surveillanceware
- the registration of tens of thousands of new, fake domains with COVID-related addresses and keywords
- a rise in site spoofing and DNS cache poisoning
Lock security down while unleashing performance
Many of these challenges require organizational change and employee/user education about cybersecurity more broadly. Education and reinforcing cybersecurity messaging is the only way to build awareness on that front.
While there’s not a lot that software can do to mitigate human risks, solutions like Varnish, can help you avoid the consequences of unforeseen security vulnerabilities like those mentioned above. Balancing performance, availability and security, Varnish promotes mitigation tactics, such as active detection and identification as part of a robust, multi-pronged cybersecurity strategy.