Nuspire released their Threat Landscape Report for Q2 2020.
Nuspire observed an increase in both botnet and exploit activity over the course of Q2 2020 by 29% and 13% respectively—that’s more than 17,000 botnet and 187,000 exploit attacks a day. While attackers targeted remote work technology at the source to obtain access to the enterprise in Q1 2020, Nuspire observed a shift in tactics to leverage botnets to obtain a foothold in the network. Home routers typically are not monitored by IT teams therefore have become a viable attack method that avoids detection while infiltrating corporate networks.
Why do we care?
The botnet investment by attackers shows the rapid adjustment based on the move to work from home.
Providers have traditionally avoided managing home networks. It’s been my philosophy for a long time. It’s clearly also not viable long term.
It seems there are two strategies. Either a provider has to embrace those home networks and make them fully managed, or embace Zero Trust Architecture as a philosophy and stop trusting them entirely. Nuspire recommends that defense in depth approach with Zero Trust, and I’d agree with that. Either way, you can’t ignore the home network.