Enterprises need to develop short- and long-term strategies to counteract shifting threats to networks and applications. Credit: Netscout The COVID-19 pandemic forced businesses of all shapes and sizes to make rapid changes in how they operated, with employees predominantly working remotely and sensitive data and systems being accessed from outside the office.For many, this triggered an increased reliance on remote-access infrastructure and cloud-delivered services. IT departments rushed to install, expand, or upgrade remote desktop access (RDA) servers, virtual private network (VPN) concentrators, and remote access routers to meet surging workforce demand for remote access to data centers. Moreover, widespread reliance on video conferencing apps forced many businesses to upgrade enterprise wide-area network and local-area network capacity, as well as to reevaluate routing and DNS resolution paths within the network. Enterprises also quickly began to adopt software-as-a-service (SaaS) and cloud applications to handle the large scale and rapid modifications required by the sea change in remote work practices.Not surprisingly, cyberattackers were quick to spot an opportunity. 2020 saw record-breaking attacks targeting vulnerabilities brought about by these new business practices, putting security professionals on the defensive.Shifting Threat TacticsThreat tactics are constantly evolving. Cyberattackers are preying on the anxieties surrounding the pandemic to exploit new opportunities for perpetrating fraud.According to the recently published HardenStance white paper “Cyber Security After the Pandemic,” several tried-and-true tactics are being modified to the current environment. For instance, lure attacks have taken on COVID-19 themes. Email, SMS, and other messaging applications were used in the early days of the pandemic to prey on victims’ fears regarding personal protective equipment (PPE) shortages, contact tracing, and more recently, fraudulent vaccine passport requirements.Distributed denial-of-service (DDoS) attacks also have been on the rise, as attackers unleashed more than 10 million DDoS attacks in 2020. Because of the shift to remote work, attackers increasingly targeted on-premises VPN concentrators.Another trend has been the rise of DDoS extortion attacks, also known as ransom DDoS. In fact, the threat actors behind the Lazarus Bear Armada DDoS extortion attacks targeted VPN concentrators as part of their campaign.The Importance of Developing Security StrategiesAlthough the future is always difficult to predict, one thing is certain: cyberattacks will not abate. That means enterprises need to develop both short- and long-term strategies for combatting these attacks.In the short term, security professionals will need to focus on plugging the holes that have emerged since the lockdowns began. The HardenStance white paper recommends implementing cloud security controls in development environments, preventing VPN concentrators from being easily identified by probing attackers, and upgrading to a dedicated DDoS protection capability.In the long term, enterprises should develop well-thought-out strategies that put security first in this ongoing battle against cybercombatants.For more information and guidance, download the white paper “Cyber Security After the Pandemic” Related content brandpost Sponsored by Netscout How to Avoid Getting Crushed Under a Tidal Wave of Traffic Systems with resilience, scale, and a multilayered defense can stop multipurpose application-layer DDoS attacks. By NETSCOUT Mar 09, 2023 4 mins DDoS brandpost Sponsored by Netscout Is Your XDR Strategy Incomplete? Why you can’t have XDR without NDR. By NETSCOUT Mar 07, 2023 5 mins Security brandpost Sponsored by Netscout How 3 Tools Can Revitalize Your Security Strategy Focus on visibility to improve your security posture. By NETSCOUT Mar 07, 2023 4 mins Security brandpost Sponsored by Netscout Protecting the Edge Is More Important Than Ever NETSCOUT’s Omnis Arbor Edge Defense Earns Security Today’s 2022 CyberSecured Award By NETSCOUT Mar 07, 2023 2 mins DDoS PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe