Avoiding the consequences of unforeseen security vulnerabilities


During periods of fear and uncertainty, such as the COVID-19-dominated period we’re living in now, the risk for cyberattacks, such as DDoS attacks and costly data breaches increases exponentially. For some perspective, recent data shows (before coronavirus lockdowns and its unforeseen security risks hit):

Taking the unpredictable COVID-19-related threats and strains into account, we could be looking at even more dramatic threats and risks. 

Gaps in security and new ways of working will lead to data breaches and security problems over the coming weeks and months.” - Zdnet

 

cybersecurity-data

Creator: MicrovOne 

 

COVID-specific security challenges

Another growing class of threat is the rise of COVID-19-specific challenges, which prey on the vulnerabilities of both systems and humans. According to security firm Zscaler, companies have seen a staggering 30,000% increase in various cybersecurity threats since January 2020.

For example:

  • COVID and government-themed phishing emails (to the tune of 240 million emails daily by mid-April), e.g., offering information on applying for COVID-19 stimulus or unemployment funding
  • a slew of ransomware attacks, often aimed at healthcare organizations and hospitals, which cannot afford the cost and downtime of such threats at the best of times
  • a massive increase in number of attacks targeting remote workers, such as fake software/apps, such as VPN ‘updates’ containing malware, trojanized/booby-trapped versions of popular apps like Skype or Signal that contain surveillanceware
  • the registration of tens of thousands of new, fake domains with COVID-related addresses and keywords 
  • a rise in site spoofing and DNS cache poisoning

 

Lock security down while unleashing performance

Many of these challenges require organizational change and employee/user education about cybersecurity more broadly. Education and reinforcing cybersecurity messaging is the only way to build awareness on that front.

While there’s not a lot that software can do to mitigate human risks, solutions like Varnish, can help you avoid the consequences of unforeseen security vulnerabilities like those mentioned above. Balancing performance, availability and security, Varnish promotes mitigation tactics, such as active detection and identification as part of a robust, multi-pronged cybersecurity strategy. 

 

 

security_matters_download

Topics: cybersecurity, cyber threats, data security, cyber attacks, DDoS attacks, pishing attacks, malware, data breaches, pishing emails

6/16/20 1:07 PM by Miles Weaver

All things Varnish related

The Varnish blog is where the our team writes about all things related to Varnish Cache and Varnish Software...or simply vents.

SUBSCRIBE TO OUR BLOG

Recent Posts

Posts by Topic

see all

Varnish Software Blog