As new cyberattack trends continue to emerge, burnout among cybersecurity teams remains a critical issue, according to VMware’s new Global Incident Response Threat Report.
The Palo Alto, Calif.-based company’s report, issued during Black Hat USA 2022, details how the “ceaseless wave of cyberattacks,” pandemic disruptions and a constantly shifting threat landscape is causing nearly 47% of security teams to report being burnt out or extremely stressed in the past 12 months.
Although that figure is down from the 51% that reported burnout last year, it remains a critical issue, causing more than two-thirds to implement wellness programs to combat burnout. However, nearly 70% of respondents reporting burnout say they are still considering leaving their job as a result, according to VMware’s report.
The good news is that companies are paying more attention to the stress that cybersecurity and IT professionals are under, with respondents saying their employers offer flexible hours (73%), investment in further education (45%), coaching/therapy (45%), well-being days off (40%), onsite fitness programs (38%). and bonus incentives for successful attack prevention or defense (28%).
Flexible hours were by far the most helpful perk, cited by 72% of respondents as actually making an impact in their mental health. Investment in further education and coaching/therapy were next at 44% and 45%, respectively.
Like any other IT or cybersecurity company’s research report, ransomware was a key focus, with 57% of respondents saying their organization experienced a ransomware attack in the past 12 months, and 66% encountered attacks from the ransomware ecosystems of partners and affiliates as the ransomware becomes more centralized.
The report also details the rising level of extortion involved in ransomware attacks, one quarter of all ransomware attacks including some form of double extortion techniques, including black mail, data auction and name-and-shame.
VMware’s report also suggests that the Russia-Ukraine conflict is breeding more cyberattacks elsewhere, with 65% of respondents saying they’ve seen an increase in cyberattacks since Russia invaded its neighbor.
Attacks leveraging zero-day exploits are also on the rise, with 62% of respondents encountering such an attack in the past 12 months, compared to 51% from the 12 months prior. When it comes to existing vulnerabilities, 71% said they had been attacked suing a vulnerability they didn’t know existing in their environment, suggesting organizations need more awareness and visibility.
The report also suggests that malware families presumed to have been taken down, such as Emotet, are seeing a resurgence, with VMware suggesting a correlation between that resurgence and destructive malware used against Ukrainian organizations. This kind of custom malware has been seen in 27% of attacks, but U.S. and U.K. respondents report higher instances at 30% and 34%, respectively.
Other key findings include the increased usage of deepfakes in attacks to evade security controls, API security issues, how attacks are increasingly leveraging tools to achieve lateral movement, and more.