Remote Workers in the Crosshairs: Mimecast Publishes New Report Detailing Threat Actor Attacks During “The Year of Social Distancing”

Rhea-AI Summary

Mimecast Limited (NASDAQ: MIME) reported a 48% increase in cyber threats during the first year of the pandemic, aligning with spikes in COVID-19 cases. Analyzed data reveals a significant rise in social engineering attacks targeting remote workers. Key findings include a 3x increase in unsafe email clicks in March 2020, with U.S. workers almost twice as likely to engage with suspicious emails compared to their U.K. and German counterparts. The threat landscape is expected to evolve as hybrid work models continue, highlighting the pressing need for ongoing cybersecurity training.

Positive

• None.

Negative

• Increasing cyber threats, with a 48% rise during the pandemic year.
• A significant rise in unsafe clicks, potentially indicating low employee awareness.
• U.S. workers' vulnerability to suspicious emails, which could lead to financial losses.
• Likelihood of continued exploitation by threat actors remains at 95%, indicating ongoing risk.

Company researchers report a 48% rise in threat volume in the first year of the pandemic; Threat actor attack volume mirrors spiking COVID-19 infection rates in April and October 2020

LEXINGTON, Mass., March 23, 2021 (GLOBE NEWSWIRE) -- Mimecast Limited (NASDAQ: MIME), a leading email security and cyber resilience company, today announced the publication of its new “The Year of Social Distancing” global report. Drawing on data from the Mimecast threat intelligence team, the report details how threat actors targeted remote workers during the first year of the pandemic, March 2020 – February 2021. The report describes how attack volume surged by 48% during the first year of the pandemic, with sudden increases in volume corresponding to spikes in COVID-19 infection rates in April and October 2020.

“Threat actors took advantage of the pandemic to launch a torrent of COVID-19-themed social engineering attacks, understanding that people were under stress working in the home environment, and thus more likely to be deceived and make mistakes,” said Josh Douglas, vice president, product management at Mimecast. “The second part of that strategy was to ‘flood the zone’ in security operations centers. They knew analysts would also be stressed and stretched thin, so overwhelming them with a high volume of threats would increase the likelihood of their attacks slipping through defenses.”

The report also examines the cyber habits of at-home workers, which revealed some alarming facts, including:

• A 3x rise in unsafe clicks in March 2020, right when the work-from-home trend began.
• U.S. workers were nearly twice as likely to open suspicious emails as were workers in the U.K. and Germany.
• A 60% increase in the use of company-issued computers for personal business.
  

Even though vaccine rollouts have begun and organizations may soon start making plans for people to return to offices in the months ahead, the Mimecast threat intelligence team has assessed the likelihood of threat actors continuing to exploit the unsettled work situation as very likely (95%). These exploitation efforts will likely focus both on remote workers and those returning to the office – which creates the possibility of a new “unsettled” situation that opens the door for the possibility of new waves social engineering campaigns.

“We’re now seeing sophisticated digital-deception campaigns where threat actors combine COVID-19-related social engineering with multi-channel campaigns – including email, social media and even phone – to gain credibility with their targets so they can then be tricked into giving away valuable information or credentials,” said Douglas. “We expect this challenging threat environment to continue for the foreseeable future as employees transition to the new normal which in many cases will be a hybrid in-office/at-home work mix. It has never been more important for enterprises to take steps to counter these digital-deception campaigns by hardening employees as targets through ongoing cybersecurity training programs, and to secure the infrastructure of the new ‘virtual workplace’ particularly email and collaboration tools.”

Download the full global report here - “The Year of Social Distancing.”

Mimecast: Relentless protection. Resilient world.™

Mimecast (NASDAQ: MIME) was born in 2003 with a focus on delivering relentless protection. Each day, we take on cyber disruption for our tens of thousands of customers around the globe; always putting them first, and never giving up on tackling their biggest security challenges together. We are the company that built an intentional and scalable design ideology that solves the number one cyberattack vector – email. We continuously invest to thoughtfully integrate brand protection, security awareness training, web security, compliance and other essential capabilities. Mimecast is here to help protect large and small organizations from malicious activity, human error and technology failure; and to lead the movement toward building a more resilient world. Learn more about us at www.mimecast.com.

Mimecast social media resources:

LinkedIn: Mimecast

Facebook: Mimecast

Twitter: @Mimecast

Blog: Cyber Resilience Insights

Press Contact

Tim Hamilton

Press@Mimecast.com

617 393 7122

Investor Contact

Robert Sanders

Investors@Mimecast.com

617-393-7074

FAQ

What did Mimecast report about cyber threats during the pandemic?

Mimecast reported a 48% rise in cyber threats during the first pandemic year, correlating with COVID-19 spike periods.

How much did unsafe clicks increase among remote workers?

Unsafe clicks among remote workers saw a 3x increase in March 2020, coinciding with the start of widespread remote work.

What is the likelihood of continued cyber threats according to Mimecast?

Mimecast assesses a 95% likelihood of continued exploitation of remote workers and those returning to offices.

What cybersecurity measures does Mimecast suggest for companies?

Mimecast recommends ongoing cybersecurity training programs to enhance employee resilience against digital deception campaigns.