In This Incident Response Threat Report

“Criminals never let a good crisis go to waste,” observes Greg Foss, Senior Cybersecurity Strategist at VMware Carbon Black.

This certainly holds true amid the COVID-19 pandemic. In April 2020, the FBI and Secret Service reported a wave of COVID-19-related cybercrimes and threats as criminals capitalized on widespread anxiety, confusion, and reliance on digital technology and online networks.

As November approaches, the cybersecurity challenges of the pandemic are colliding with 2020 U.S. presidential election.

This sixth edition of the Global Incident Response Threat Report paints a picture of this evolving threat landscape, discusses the impact of COVID-19 and the U.S. presidential election, and provides some best practices for IR teams and security teams looking to fight back.

Nearly half (49%) of cybersecurity professionals named government as the industry most targeted by attacks.

An increasingly sophisticated – and destructive – threat landscape

The pandemic has catalyzed the development of a dangerous new threat landscape. Both domestic and international cybercriminals are cashing in on increased online activity due to COVID-19, and sophisticated nation state actors have been able to leverage the pandemic to initiate malicious malware and cyberattacks. According to Eric O’Neill, National Security Strategist at VMware Carbon Black, the latter point in particular may explain why rates of counter IR are at an all-time high of 82%.

These are highly sophisticated maneuvers that your typical criminal just isn’t going to use. They’re going to use spear phishing, because it’s easy, and it works. It’s the nation-state attackers that are often behind counter IR, and rarely have Western law enforcement been able to stop them.

2020 Election Security: What Security Pros are Saying about Cyberattacks, Foreign Influence and More


Cybersecurity has become a critical concern ahead of the 2020 U.S. presidential election. In an unprecedented year, we have already begun to see foreign interference, government agencies hit with ransomware attacks, and more. This is all compounded by the pandemic, which has created logistical challenges and complicated voting access.

Drawing upon their security expertise and in line with recent advisories from the Cybersecurity and Infrastructure Security Agency (CISA), 73% of respondents believed that there will be foreign influence on the 2020 presidential election. 60% believing it will be influenced by a cyberattack.

Among the greatest security risks of interference in the election, the top three responses were election official databases, voter registration, and voting machines.

To increase cyber defense, respondents surveyed thought strong passwords including multi-factor authentication, securing voting infrastructure and endpoint controls should be prioritized. As threat landscape expands with security threats to the election, state and local governments, it’s time to rethink cybersecurity.

73% of surveyed security experts believed that there would be a foreign influence on the 2020 presidential election.

Download the Complete Report Now