BLOG: COVID’S Metamorphoses: a pandemic’s long-term impact on the cyber threat landscape – an introduction to the series
By Jamie MacColl
Over the past few months, COVID-19 has had a significant impact on cyber threats to governments, businesses and individuals. As the global economy has ground to a halt, cybercriminals and nation-states groups are taking advantage of the uncertainty and fear created by the virus to commit fraud, espionage and other malicious activity (see graph below). As we have noted in previous blogposts, threat actors are also taking advantage of the opportunities presented by enforced changes in working environments and cyber security practices due to the virus.
Much of this existing analysis of COVID-19 and the cyber threat landscape understandably takes a short-term view. The need secure remote working-related vulnerabilities and defend against ongoing COVID-19 phishing campaigns and tailored ransomware operations targeting the healthcare and pharmaceutical sectors has been paramount.
We also need to understand the way COVID-19 will change the long-term threat landscape. Horizon scanning for these changes is essential for organisations looking to ensure and enhance their cyber resilience. However, the pandemic has been unprecedented in its scope and the crises it has and will create. At the same time, the inability to predict the pandemic’s exact outcomes does not prevent us from identifying trends and drivers of change. There has now been an array of expert commentary on the long-term consequences of COVID-19. Nearly six months into the crisis, the impact of COVID-19 is beginning to have a discernable impact on geopolitics, economics, society, technology and legislation. We can rely on this commentary to make our own assessment on the nature of the changes underway in the cyber threat landscape.
Over the course of this six-part series Orpheus analysts will explain how COVID-19 is re-shaping cyber threats to business and governments, and how organisations can mitigate these threats.
Parts I and II assess the geopolitical impact of COVID-19 and the implication for nation-state cyber activity, including: the long-term impact of “vaccine nationalism” on nation-state cyber espionage campaigns and information operations; the rapid decline of Western relations with China since the onset of the crisis in early 2020 and the resulting implications for Chinese cyber activity.
Part VI examines the impact of longer-term technological changes brought about by COVID-19 that will affect the way people work, consumer and monitor health, and resulting implications for the attack surface for organisations and individuals. We also illustrate how the short-term focus on maintaining availability of systems has led to a backlog in patching updates being implemented, with long-term consequences for managing vulnerabilities and risk.
Continued chaos, changes in working and consuming habits, geopolitical tensions and an economic downturn will all provide new opportunities and targets for cybercriminal and nation-state actors. Despite this, the changes and trends we identify over the course of this four-part blog series do necessarily represent an entirely new paradigm for attackers and defenders. Instead, we will explain how the consequences of COVID-19 will mostly accelerate or build upon existing trends in the threat landscape.
Jamie MacColl is an Orpheus researcher.
To read the blogs in the series on the long term impact on the cyber threat landscape, please use below links.
Get our latest cyber intelligence insights straight into your inbox every week
Fill out the short form below to subscribe to our newsletter so that you never miss out on
our cyber intelligence insights and news.
Privacy Overview
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
Strictly Necessary Cookies
These cookies are strictly necessary to provide you with services available through our website and to use some of its features. These must be enabled at all times, so that we can save your preferences.
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
If you do not enable Strictly Necessary Cookies, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
3rd Party Cookies
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
Please enable Strictly Necessary Cookies first so that we can save your preferences!
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
Request Demo Access
Fill out your details below and we'll be in touch to arrange demo access for you as soon as
possible.
