Skip to main content

2020 could be 'the worst year in cybersecurity history'

security
(Image credit: Shutterstock / La1n)

Businesses around the world are severely unprepared to face the sheer scale of cyberhtreats facing us today, new research has claimed.

The latest 2020 Business Threat Landscape report from security firm Bitdefender has said that this could be the worst year in cybersecurity history, as despite multiple warnings, many firms still aren't ready to protect themselves.

Bitdefender's report found that the "new normal" of remote working had led many businesses to face difficulties in ensuring their online protection, with 50% of organisations "completely unprepared" to face a scenario in which they had to migrate their entire workforce in a working from home environment. 

Multiple threats

The report also found a rise in attacks specifically targeting those organisations that may have had issues switching to remote working, particularly small businesses. Bitdefender found that 47% of all reported network-level attacks involve SMB exploits, and that 4 in 10 emails mentioning coronavirus are fraud, phishing, or malware.

Older attacks and exploits were also found to be making a comeback, targeting those organisations that may be behind on updated their protection.

Bitdefender's report shows that nearly two thirds (64%) of all reported unpatched vulnerabilities involve CVEs that are older than 2018, highlighting the increase in opportunistic attacks.

But there was also an increase in stealth/covert execution tactics, particularly the use of PowerShell commands and scripts, to fly under the radar of traditional security protection, and also a rise in APT "hackers-for-hire" who offered their services to target specific organisations or industries.

With further lockdowns and downsizing ahead, it's likely that such threats will continue into 2021, meaning companies of all sizes will need to up their security game to stay protected.

"The threat landscape for businesses during the first half of 2020 has changed considerably in terms of attack surface, threats, and challenges brought forward by the global coronavirus pandemic. Organizations that learn to adapt by understanding these new trends, will have the opportunity to both increase their cybersecurity resilience and strengthen their business continuity," Bitdefender's report said.

"The pandemic has caused company infrastructures to be redesigned and support indefinite remote work, but the overnight changes made to policies and configurations are likely to have opened up new attack vectors that threat actors could exploit on the long run."