Moving Target Defense Blog

The economic impact of a successful breach is one of the easiest to quantify. It’s also increasing constantly, with analysts predicting the cost of cybercrime globally will exceed $6 trillion annually by 2021, a 100% increase from 2015. Much of this cybercrime is perpetrated on or through the endpoint, with an end goal typically of either data exfiltration or encrypting the data and charging a ransom (often it’s both).

Virtual desktop security is always a critical topic when enterprises leverage virtual desktop infrastructures, or VDI, as part of their internal IT strategy. In recent months, however, VDIs have grown in importance as more people work from home; deploying virtual desktops is one way to ensure that remote employees are securely accessing the data and applications they need to do their jobs.

Malware authors worldwide have targeted the fear around COVID-19 as a way to further their goals. This isn’t really a new method of enticing people to download and run their malware; threat actors have always used disasters as a way to deliver their payloads. From that perspective, the COVID-19 pandemic is only the latest in a long line of disasters that threat actors--both financially motivated and state-sponsored--leverage to achieve their goals.

Protecting your organization from advanced threats has always been difficult. Adversaries innovate constantly, changing their attack vectors and finding new ways to infiltrate their target environment. The Trickbot trojan is one of the best examples; its authors have used news coverage from President Trump’s impeachment trial and the WSReset UAC Bypass among other changes to push the trojan past antivirus and malware scanners.

The 2018 Starwood Hotels breach is only the latest in a long line of high profile intrusions that hotels have faced. It’s notable primarily for how many customer records were exposed — 500 million worldwide according to parent company Marriott — and that the breach wasn’t discovered for four years. This makes the breach a particularly extreme outlier according to Ponemon Institute research data. A recent Ponemon report found that it takes an average of 197 days to discover a breach, and an average of 69 days to close it.

Retailers aren’t the only ones who benefit from the holiday shopping season. Cyberattacks cost retailers more than $30 billion annually, and losses often mount during the highly profitable holiday season.