Defending enterprise systems during a pandemic
A new report from Akamai looks back at 2020, examining some of the technological shifts and the patterns that emerged from lockdown-related internet spikes at the beginning of the year, to the resurgent spikes due to a mix of additional lockdowns and closures, as well as the holidays.
Akamai observed a 30% increase in internet traffic as the pandemic lockdowns started, and a global shift to remote functionality, which continues today.
Alongside the shift in usage, throughout the COVID-19 pandemic, researchers have seen criminals take advantage worldwide, targeting all business sectors and industries, including information technology and security.
“Defending enterprise systems is a challenge at the best of times,” said Robert Blumofe, chief technology officer at Akamai. “Doing so in the middle of a pandemic only adds to these complexities and challenges.”
In 2020, Akamai faced 21.5 million malicious DNS queries out of an aggregate of 109 billion, or about 299 million DNS queries per day. The majority of these attacks were malware attacks, with Akamai logging 10.2 million blocked requests related to malware in 2020. This could be due to a malicious link being clicked in an email, document, or even on a website, but the exact cause of the block events remain unknown.
Phishing, second only to malware, was the other top attack type observed in the Enterprise Threat Protector logs for 2020, with 6.3 million blocked attempts. The company’s platform organization, finance group, global services team, the office of the CIO, and the web sales and marketing unit were the most targeted, which tells us that criminals aren’t too picky when it comes to victim selection, but they will focus their efforts when the potential gain is large.
“One of the lessons learned in 2020, as it pertains to remote work and distance learning, is that the usual way of protection will work to a degree, but security must adapt rapidly to changing situations,” said Steve Ragan, Akamai security researcher, and author of the State of the Internet / Security report. “Just because a policy or program works great in a data center or office doesn’t mean it will work when everyone has to go home. The forced changes in 2020 were a blunt reminder of this fact.”