39% of companies have experienced videoconferencing attacks

Font Size

By Mariel Alison L. Aguinaldo

Thirty-nine percent of companies all over the world encounter video conferencing attacks, according to the Cyber Readiness Report 2020 by data protection firm Acronis.

Video conferencing attacks occur when perpetrators hijack a video call. Singapore had to stop its teachers from using Zoom when obscene images and strange men making lewd comments appeared on their classes’ screens. In the Philippines, an online forum by business advocacy group Go Negosyo was disrupted by the appearance of photos from an animated pornography scene.

“Before the pandemic, there were just a few vulnerabilities reported, and when the pandemic started, the attention of the security researchers obviously moved to those kinds of software. As a result, vulnerabilities in software like Slack, Zoom, and Microsoft Teams hit the news every few weeks. I believe there is a strong correlation between the vulnerabilities published and attacks occurred. After all, the former enables the latter,” said Kevin Reed, chief information security officer at Acronis, through an online text message.

Fifty-four percent of companies have also experienced phishing attempts, wherein perpetrators pose as legitimate institutions in e-mail messages to collect sensitive data like credit card details. Close to 45% have experienced Distributed Denial-of-Service (DDoS) attacks, where perpetrators overload a machine or network resource with requests to disrupt the services of a host connected to the Internet.

The COVID-19 pandemic normalized remote work among many companies, along with it the use of digital technology to enable long-distance collaboration. According to the same survey, 69% of remote workers have started using workplace collaboration tools like Zoom and Webex.

However, 6% of this number did not report this action, which suggests that remote workers may have installed and managed these tools themselves. This creates security vulnerabilities that can be exploited by perpetrators.

Companies should choose a cybersecurity solution that is the best fit for them, according to Acronis. This may be done by examining how they run their business and identifying their use cases for the solution.

“A product can do thirty things, but quite frankly, some [consumers] don’t care that it does thirty things. There are four or five things that are really important to them because it’s based on their business case,” said Steve Brining, partner technology evangelist for Cyber Protect at Acronis, during a virtual presser on September 9.

“When that’s identified… you have to turn around and say, ‘Do I have the personnel for this thing?… Do I have to change my processes to fit the technology, or does the technology have to be modified to fit my processes?” he said.

Companies also have to assess the solution’s usability for their employees. “The more simplistic it is, the better it is… Is it easy for me to use, or do I really have to be the cyber dude… to be able to do this?” said Mr. Brining.

The Acronis Cyber Readiness Report 2020 surveyed 1,700 IT managers and 1,700 remote workers from industries such as healthcare, hospitality, and sports and entertainment. The respondents came from Australia, Bulgaria, Canada, France, Germany, India, Italy, Japan, Netherlands, Singapore, South Africa, Spain, Sweden, Switzerland, United Arab Emirates, United Kingdom, and the United States.