More than half the cybersecurity attacks identified in the first quarter by RSA were phishing attacks. In total, RSA identified 50,119 cyberattacks worldwide in the first quarter. Obviously, a huge percentage of those phishing attacks shared a common set of COVID-19 themes that in the second quarter of 2020 clearly increased. As the COVID-19 pandemic continues to dominate the news cycle cybersecurity teams should naturally expect phishing and other types of related attacks to become much more pervasive and sophisticated throughout the year.
The RSA report, for example, notes brand abuse attacks involving both website and social media content and fake domain registrations made up 22% of all attacks in the first quarter, an increase of 5% over the prior fourth quarter of 2019. The RSA report spans the January through March timeframe, which was when the pandemic was first making its presence felt in China and Europe. Since then cybercriminals have had plenty of time to further hone their attack strategies.
Account takeovers are likely to be at the forefront of those efforts. The RSA report notes the volume of fraud transactions originating in a mobile application (26%) rather than a mobile browser doubled for the quarter. That suggests cybercriminals have successfully increased the number of end-user accounts they have been able to take over.
The highest-profile victim of just such an attack is, of course, Twitter. The social media platform is still trying to determine how accounts belonging to Joe Biden, Barak Obama, Elon Musk, Bill Gates, and others were taken over by cybercriminals that then tricked people into making fraudulent Bitcoin donations. A statement issued by Twitter says it detected “a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.” Twitter has not yet revealed how that was accomplished. However, it’s clear account takeovers led to a fraud being perpetrated on an unprecedented scale.
Those types of attacks can also ultimately destroy the trust and confidence end users have in a platform or brand. At a time when many organizations are betting on digital business processes to weather the economic downturn brought on by the pandemic, the prospect that customers may turn away from online mediums to conduct transactions is nothing short of frightening. There is now a direct correlation between the level of cybersecurity implemented and brand value. As such, cybersecurity conversations are now being elevated everywhere. The board of directors no longer views cybersecurity as an IT problem. It’s become an existential threat to the business.
It’s painfully apparent organizations will need to invest in machine learning algorithms and other forms of artificial intelligence to address the threats posed by phishing, account takeovers, and fake web sites. Most organizations, especially financial services firms, have already made some investments in these technologies with varying degrees of success. The challenge is applying AI in a way that doesn’t create a level of friction that ultimately frustrates end customers to the point where they would simply rather not engage. Striking the right balance between cybersecurity and customer experience will become more challenging as everyone continues to adjust to what has become the new digital normal.
Despite the level of threat faced cybersecurity teams will need to remain flexible. There’s always a temptation to lock everything down when threatened. The important thing to remember from a business perspective is to make sure the proverbial cure doesn’t wind up being worse than the disease. That may not be the most satisfying answer in the short term. However, most business leaders are going to bet that staying in business is still preferable to effectively shutting down. The challenge now is determining how best to mitigate increased the inherent risks of a digital strategy at a time when the business has never needed the expertise of its cybersecurity team more to survive.
Mike Vizard