Just as it is no surprise that criminals are taking advantage of the global coronavirus (COVID-19) health crisis, so it is no surprise that cybersecurity professionals are feeling the pressure. Ninety-five percent say they are facing additional challenges with increased attacks and new work-from-home demands.
Check Point Software, together with Dimensional Research, surveyed 411 global IT and security professionals from companies with more than 500 employees to test the pulse of this increased pressure. “The results,” it says in a blog, “are sobering.” Direct attacks are up all round, with 71% of respondents having seen an increase.
Phishing is, of course, the primary threat. Increased phishing attacks have been widely reported throughout the media, but it seems from this survey that more than half (55%) of all IT/security professionals have experienced them at first hand. Thirty-two percent have seen an increase in malicious websites purporting to offer information or advice on the pandemic; 28% have experienced an increase in malware attacks; and 19% have detected an increase in ransomware attacks.
In recent separate research, Check Point found that new coronavirus-themed domains are 50% more likely to be malicious than other domains; and that in the early days of the pandemic there was a huge surge in the number of new domain registrations — almost 10 times the number in earlier weeks. Of these, it found that almost 20% were malicious or suspicious.
On April 4, Interpol issued a warning on increased ransomware attacks, saying its Cybercrime Threat Response team had “detected a significant increase in the number of attempted ransomware attacks against key organizations and infrastructure engaged in the virus response.” It added, “At this point, the ransomware appears to be spreading primarily via emails – often falsely claiming to contain information or advice regarding the coronavirus from a government agency.”
At the same time, the FBI has warned that it is expecting an increase in COVID-19 scams, including BEC attacks.
The new normal of working from home is adding its own pressures to the mix, with 61% of the security professionals expressing concern about the need for rapid adjustments. What would normally be a long-term project — to provide a secure home working environment — has suddenly become an overnight requirement.
Fifty-five percent are worried about the need for improved remote access security, 49% are concerned about the need to scale up security remotely, and 47% are worried that new home workers are finding and using untested software, tools and services (such as trojanized versions of Zoom).
It may be that the coronavirus pandemic is merely changing an organized and slow growth towards more home working into an uncontrolled and irreversible stampede. In the future it is likely that almost all organizations will need to be able to offer at least partial home working in order to attract the right quality of staff. It’s important to get it right.
“It is critical,” says Check Point, “that [businesses] rapidly adapt to their new working patterns, and protect themselves with a holistic, end-to-end cyber architecture. This means ensuring accessible and reliable connections between corporate networks and remote devices, 24/7, promoting collaboration and productivity between teams, networks and offices, and retaining robust security against evolving threats and cybercrime techniques.”
Related: Coronavirus Malware Makes Devices Unusable by Overwriting MBR
Related: China-linked APT Hackers Launch Coronavirus-Themed Attacks
Related: State-Backed Players Join Pandemic Cyber Crime Attacks
Related: Zoom’s Security and Privacy Woes Violated GDPR, Expert Says

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.
More from Kevin Townsend
- Cyber Insights 2023 | Zero Trust and Identity and Access Management
- Cyber Insights 2023 | The Coming of Web3
- Fraudulent “CryptoRom” Apps Slip Through Apple and Google App Store Review Process
- Cyber Insights 2023: Venture Capital
- Cyber Insights 2023 | Supply Chain Security
- Cyber Insights 2023 | Regulations
- Cyber Insights 2023 | Ransomware
- Cyber Insights 2023 | Quantum Computing and the Coming Cryptopocalypse
Latest News
- Comcast Wants a Slice of the Enterprise Cybersecurity Business
- Critical Baicells Device Vulnerability Can Expose Telecoms Networks to Snooping
- New York Attorney General Fines Vendor for Illegally Promoting Spyware
- SecurityWeek Analysis: Over 450 Cybersecurity M&A Deals Announced in 2022
- 20 Million Users Impacted by Data Breach at Instant Checkmate, TruthFinder
- Cyber Insights 2023 | Zero Trust and Identity and Access Management
- Cyber Insights 2023 | The Coming of Web3
- European Police Arrest 42 After Cracking Covert App
