Field Report – Cyber Attacks During COVID-19 with Ryan Kalember of Proofpoint.
Episode 231: Show Notes.
For this COVID-19 field report episode, we are joined by Ryan Kalember from Proofpoint where he is in charge of cybersecurity strategy. Ryan fills us in on the current landscape of cyber threats and what has changed during the pandemic and, interestingly, what has stayed the same. The coronavirus crisis has presented a huge opportunity for cybercriminals to exploit systems, using lures attached to all areas of the pandemic, however, as Ryan informs us, these lures use the same tactics with a different dressing. All of the ways in which phishing emails and attacks are conducted are the same as before this current period, it is the remote work model, overwork, and new systems that present refreshed opportunities for exploitation. In our conversation, we cover the range of ways bad actors are using these to their advantage and the trends in the cybersecurity space right now. Ryan takes us through the vulnerabilities that have become apparent during the last couple of months and shares some examples of how these can be taken advantage of. To finish off our chat, we look at the National Cyber Security Alliance and the focus of their work as well as how Ryan’s position at Proofpoint fits into the larger picture of cybersecurity right now.
Key Points From This Episode:
- The current landscape of cyber threats during the COVID-19 crisis.
- Actors involved in COVID lures and the different levels we can identify.
- The payloads and range of objectives that are present in these specific scams.
- Variations on the same kind of attacks we would normally see before the crisis.
- The impact of the ‘work from home’ model on company security.
- Vulnerabilities of VDI environments and how attackers target VPNs.
- Looking at the spread of these threats, industrially and geographically.
- Examples of the emails that are received through regional attacks.
- Converting interest into an attack; the few steps it takes to gaining control of a system.
- Best practices for security, covering the technology and personal techniques.
- Identifying the smallish number of people in an organization who might be at risk.
- The work done by the National Cyber Security Alliance at present.
- Ryan’s role at Proofpoint as the head of cyber security strategy.
“COVID-19 is a wonderfully flexible lure for any kind of cybercrime actor.” — @rkalember [0:04:19]
“The volumes in the overall email threat landscape are down from January to today, that is because a lot of the actors are doing something different.” — @rkalember [0:17:43]
Links Mentioned in Today’s Episode: