“The vulnerabilities ranked by CYR3CON as being over 30 times more likely to be exploited spiked significantly in both April and July,” said CYR3CON researcher Jacob Cox, who co-authored the report. “This aligns directly with spikes in the number of COVID-19 cases we saw during the pandemic.”
TEMPE, Ariz. (PRWEB) November 10, 2020
CYR3CON®, which created and sells a machine learning solution for predicting the actions of hackers, released a study today analyzing the level of interest malicious hackers have in home routers during the COVID-19 pandemic. The study found a clear correlation between hacker interest and spikes in COVID-19 cases in the United States.
The COVID-19 pandemic caused a dramatic shift toward remote work. A key enabler of this shift is high-speed Internet connections in the homes of employees. However, associated with this shift is the increased usage of home routers which are often vulnerable to attacks. CYR3CON uses hacker discussions mined from sources such as the deepweb, darkweb, and social media to analyze hacker activities. In this study, CYR3CON sought to answer the question if hackers were creating new cyberattacks focused on home routers during the pandemic.
“The number of vulnerabilities ranked by CYR3CON’s machine learning algorithm as being over 30 times more likely to be exploited spiked significantly in both April and July,” said CYR3CON researcher Jacob Cox, who co-authored the report. “This aligns directly with spikes in the number of COVID-19 cases we saw during the pandemic.”
“This study shows clear, quantifiable evidence of hacker interest in remote work,” stated Paulo Shakarian, CYR3CON's CEO. "Some of the vulnerabilities that hackers latched onto during those spikes were leveraged in later exploits.”
Former CISO of Wells Fargo Capital Markets, Moriah Hara commented on the study: “CISOs are faced with a new challenge due to the pandemic. The access point to the home is a new Achilles heel in the attack surface. It’s particularly devious as hackers will use the home router to compromise a system and then launch attacks against or steal information from a corporate network.”
CYR3CON’s machine learning technology was originally developed under IARPA funding (a US government activity) and has undergone extensive peer-review. Recently, the firm raised venture capital to continue its growth trajectory. The solution is offered as a SaaS-based offering and the company also engages clients with a “Predictive Threat Assessment” that can be automatically performed with the platform. The Predictive Threat Assessment allows security professionals to identify vulnerabilities that may be used in future attacks – such as the ones described in the report.
CYR3CON provides the only machine-learning threat intelligence platform that predicts and prioritizes the latest cyber threats, enabling CISOs to better understand the threat landscape, gain knowledge about malicious hacker behavior, and identify emerging attacks against enterprises. CYR3CON’s underlying algorithms are also the only offering validated through years of academic research, peer-reviewed publication, and government backed grants. For more information, please visit https://www.cyr3con.ai/.