Moving Target Defense Blog

If bad weather serves as an unpleasant reminder to fix a leaky roof, then COVID-19 has been something of a perfect storm for colleges and universities. As we uncovered in our recent Education Cybersecurity Threat Index, the pandemic has made addressing cybersecurity weaknesses an urgent operational necessity in higher education. Between the changing nature of how education is delivered, and emboldened threat actors, higher ed now faces an unprecedented threat level. 

With more people working from home than ever before in history, virtual desktop infrastructures have arisen as a fast and cost-effective method to ensure that remote workers can access the applications they need from wherever they are. In fact, VDI use might soon increase, as Gartner recently found that 74 percent of CFOs intend to shift some positions to working from home permanently because of increased efficiencies. 

Virtual desktop infrastructure (VDI) felt like a lifeline at the start of the Coronavirus pandemic. As offices rushed to close down and companies scrambled to operate remotely, those with VDI found the process to be surprisingly seamless. People didn’t have to bring the office home with them or make do with incomplete data and insufficient tools. Instead, they simply had to login to a portal to access a virtual copy of their own office desktop. The setting may have changed, but thanks to VDI, the workflows carried on as always.

Increasing numbers of headline-grabbing ransomware attacks are a concerning trend. They also point to a strong possibility that many organizations are falling behind threat actors in the cybersecurity arms race. As they fail to reassess their approaches to cybersecurity, organizations open themselves up to attacks that can be devastating and, in some cases, life-threatening.

The economic impact of a successful breach is one of the easiest to quantify. It’s also increasing constantly, with analysts predicting the cost of cybercrime globally will exceed $6 trillion annually by 2021, a 100% increase from 2015. Much of this cybercrime is perpetrated on or through the endpoint, with an end goal typically of either data exfiltration or encrypting the data and charging a ransom (often it’s both).

Virtual desktop security is always a critical topic when enterprises leverage virtual desktop infrastructures, or VDI, as part of their internal IT strategy. In recent months, however, VDIs have grown in importance as more people work from home; deploying virtual desktops is one way to ensure that remote employees are securely accessing the data and applications they need to do their jobs.

Malware authors worldwide have targeted the fear around COVID-19 as a way to further their goals. This isn’t really a new method of enticing people to download and run their malware; threat actors have always used disasters as a way to deliver their payloads. From that perspective, the COVID-19 pandemic is only the latest in a long line of disasters that threat actors--both financially motivated and state-sponsored--leverage to achieve their goals.

Protecting your organization from advanced threats has always been difficult. Adversaries innovate constantly, changing their attack vectors and finding new ways to infiltrate their target environment. The Trickbot trojan is one of the best examples; its authors have used news coverage from President Trump’s impeachment trial and the WSReset UAC Bypass among other changes to push the trojan past antivirus and malware scanners.

The 2018 Starwood Hotels breach is only the latest in a long line of high profile intrusions that hotels have faced. It’s notable primarily for how many customer records were exposed — 500 million worldwide according to parent company Marriott — and that the breach wasn’t discovered for four years. This makes the breach a particularly extreme outlier according to Ponemon Institute research data. A recent Ponemon report found that it takes an average of 197 days to discover a breach, and an average of 69 days to close it.

Retailers aren’t the only ones who benefit from the holiday shopping season. Cyberattacks cost retailers more than $30 billion annually, and losses often mount during the highly profitable holiday season.