The actual impact of Covid-19 on cybersecurity

Almost a month ago we voiced our first opinion on the impact of the Corona virus on cybersecurity. Since then, we asked around what cybersecurity professionals, researchers and leaders really see, what they experience in their day-to-day life since Covid-19 hit most of us.

Of course, there is an official side to this, which mostly refers to the forced “working-from-home” trend and the cybercriminals misusing the crisis for spreading their malware and ransomware or otherwise creating new forms of attacks. But there is also the unofficial side of postponed and paused projects. What is your personal experience? Let us know by contacting us here, on Twitter or on LinkedIn (Facebook is also an option) or leaving a comment to this article.

One word we heard very often, not only related to cybersecurity is change. Many people believe that this current crisis will fundamentally change our world, and that includes cybersecurity. As Dr. Matthias Rosche, CEO of Orange Cyberdefense Germany GmbH puts it:

„Generally speaking, these developments will change the IT-Security industry and boost new topics. Vendors of cloud security are experiencing a high demand. Vendors that still stick with on-premises technology solutions will have to adapt to the cloud very soon. Microservices security and serverless security will become much faster a market as expected before COVID-19. Some old dinosaurs of IT-Security that can’t keep up with these dynamics will die, that’s for sure.

Dr. Matthias Rosche, CEO of Orange Cyberdefense Germany GmbH

Dr. Rosche adds that the crisis will speed up digital transformation – something which will support their consulting and service approach. “Our business already sees a boost in delivering cloud security services” he continues, and predicts that ‘securing container, Docker, Kubernetes and other microservices will be the future to prepare on.“

Thales, a leader in advanced data security solutions and services, is highlighting the fact that hackers are always up-to-date and benefit from the security flaws and take advantage of the COVID epidemic to launch cyberattacks, using the pandemic as a lure. Thales also observes that this trend amongst cybercriminals seems to be following-up on the real evolution of the virus with important attacks first in Asia (Taiwan, South Korea, Mongolia…) then in Central and Eastern Europe (Czech Republic, Ukrania), and finally in Western Europe (Italy, France).  

Mimecast, known for safeguarding customers against dangerous email, sees an increase in spam emails and social engineering attempts, Their VP for the DACH region, Jeff  Ogden, predicts:

“This will certainly increase the demand for security solutions that can stop this in the near future. It is particularly noticeable that cybercriminals are developing their attack tactics to adapt them to the latest measures to contain the virus, but also to the current trend towards working from home. In particular, we have seen a lot of fake HR emails that refer to home office practices, or emails that are supposed to come from global health organisations and apparently contain behavioural tips.”

Mimecast VP DACH, Jeff Ogden

Dracoon, market leader in the German-speaking area for enterprise file sharing, notes that the Corona crisis shows how dependent people and companies are on digital processes. Marc Schieder, CIO of Dracoon:

“Many companies and institutions have simply not considered the crisis or have given it too little priority. Data protection and data security in the home office or worldwide secure working two topics of many.”

Marc Schieder, CIO, Dracoon

Another aspect of the Covid-19 epidemic is also the trend towards remote working, now that virtually every country in the world is on lockdown. This, sometimes urgently set in place, extend the risks in terms of cybersecurity. Staff members often find themselves on the front lines as cyberattackers very frequently go through them to attempt to jeopardize computing systems.  

Qualys, a pioneer and leading provider of cloud-based security and compliance solutions, adds to this observation.

„The corona crisis is also increasingly attracting attackers who want to exploit the current situation by means of malware such as emotet or ransomware. The fact that many people are currently working in the home office makes it difficult for many companies to guarantee the security standards at their workplaces as usual. Cloud-based systems can help in this case to check and patch these systems, as they are not bound to local software installations.“

Jörg Vollmer, General Manager Field Operations DACH at Qualys

To counter these attacks, Thales allows free access to some of their safe and secure remote working solutions, while Qualys offers free endpoint protection. Dracoon also helps free of charge and in an unbureaucratic way and thankfully, a lot of other companies also give away their solutions away for free during the crisis – a good overview can be found right here on Cybersecurity Magazine.

Related:   Researchers unwittingly assist in cybercrime

Other companies take a different approach, using their expertise to fight the crisis. Ismail Elmas, General Manager & VP EMEA of Zscaler, points to a business continuity program that is intended to help customers to deliver fast, secure, reliable access to applications and services. He also notes:

“As a reaction to this program we have seen global traffic on our platform increase 8 fold since January 1st 2020. This traffic is driven in large part by existing customers fully taking advantage of our new offering. Our China traffic has increased more than 12x; Seoul is up 6x; Tokyo has more than doubled; and our newly opened Milan data center quickly became one of the busiest sites across the Zscaler cloud.”

Ismail Elmas, General Manager & VP EMEA of Zscaler

Besides those official statements, however, there are also some unofficial statements we hear from colleagues and professionals. Some of them seem a little worrying, noting that some projects indeed have been postponed, and are likely to get cancelled. On the other hand, this seems to be largely dependent on the industry. Those customers who cancel or postpone their projects are mostly active in those industries which are hit by the pandemic the hardest, while other consultants working in other areas do not see any affect on their daily life – or at least not just yet.

After all, it might be a goot time now to see the opportunity in all this – specifically for all of us working in an industry where risk is the predominant topic. Or, to sum it all up and as a direct response to how Corona impacts our daily lives, in the words of Christian Reimann, Cyber Risk & IRM Specialist at Baumlink:

“I actually enjoy working from home. Having more relaxed in-depth conversation with people of the Cyber Security Community is a good thing. The balls are still rolling. To all out there, keep it up!“

Founder and Editor at

Patrick Boch has been working in the IT industry since 1999. He has been dealing with the topic of cybersecurity for several years now, with a focus on SAP and ERP security.

In recent years, Patrick Boch has published various books and articles as an expert, especially on the subject of SAP security. With his extensive knowledge and experience in the areas of SAP compliance and security, Patrick Boch has served as product manager for several companies in the IT security sector since 2013. Patrick is Co-Founder and Editor of Cyber Protection Magazine.

Leave a Reply

Your email address will not be published. Required fields are marked *