News Releases3 min read

VMware Releases Global Incident Response Threat Report Detailing Surge in Sophisticated Cyberattacks as eCrime Groups Grow More Powerful

New Research Uncovers Cybercrime Capitalizing on the Convergence of COVID-19 and 2020 Election

PALO ALTO, Calif.--(BUSINESS WIRE)--VMware, Inc. (NYSE: VMW), a leading innovator in enterprise software, today released the results of its sixth Global Incident Response Threat Report, entitled: “The Cybersecurity Tipping Point: Election, COVID-19 Create Perfect Storm for Increasingly Sophisticated Cyberattacks.”

The research found the cybersecurity challenges of the global pandemic are now colliding with the 2020 U.S. presidential election resulting in a surge of cyberattacks. As eCrime groups grow more powerful, these attacks have grown increasingly sophisticated and destructive – respondents reported that 82 percent of attacks now involve instances of counter incident response (IR), and 55 percent involve island hopping, where an attacker infiltrates an organization’s network to launch attacks on others within the supply chain.

“The disruption caused by COVID-19 has created a massive opportunity for criminals to restructure their businesses,” said Tom Kellermann, Head of Cybersecurity Strategy, VMware Carbon Black. “The rapid shift to a remote world combined with the power and scale of the dark web has fueled the expansion of eCrime groups. And now ahead of the election, we are at cybersecurity tipping point, cybercriminals have become dramatically more sophisticated and punitive focused on destructive attacks.”

Data for the report is based on an online survey of eighty-three incident response (IR) and cybersecurity professionals from around the world in September 2020. The key survey findings from IR and cybersecurity professionals include:

  • Incidents of counter IR are at an all-time high, occurring in 82% of IR engagements – suggesting the prevalence of increasingly sophisticated, often nation-state attackers, who have the resources and cyber savvy to colonize victims’ networks. Destructive attacks, which are often the final stage of counter IR have also surged, with respondents estimating victims experience them 54% of the time.
  • 55% of cyberattacks target the victim's digital infrastructure for the purpose of island hopping. The pandemic has left organizations increasingly vulnerable to such attacks as their employees shift to remote work – and less secure home networks and devices.
  • Custom malware is now being used in 50% of attacks reported by respondents. This demonstrates the scale of the dark web, where such malware and malware services can be purchased to empower traditional criminals, spies and terrorists, many of whom do not have the sophisticated resources to execute these attacks.
  • As we approach the presidential election, cybersecurity remains a top concern and nation-state attackers pose a significant threat. Drawing upon their security expertise – and in line with recent advisories from Cybersecurity & Infrastructure Security Agency (CISA)1 – 73% of respondents believe there will be foreign influence on the 2020 U.S. presidential election, and 60% believe it will be influenced by a cyberattack.

For more on the evolving threat landscape and best practices for IR and security teams looking to fight back, download the full report here.

To continue the conversation, join VMware Carbon Black for a live webcast on the state of election security: Cyber Insecurity: Securing the Vote in the 2020 Election, Tuesday, October 20 at 2 p.m. ET/11 a.m. PT. The webcast will feature:

  • Kelvin Coleman, Executive Director, NCSA
  • Tom Kellermann, Head of Cybersecurity Strategy, VMware Carbon Black
  • Eric O’Neill, National Security Strategist, VMware Carbon Black
  • Lauren Harrington, Partner Solutions Manager, VMware Carbon Black

About VMware

VMware software powers the world’s complex digital infrastructure. The company’s cloud, app modernization, networking, security, and digital workspace offerings help customers deliver any application on any cloud across any device. Headquartered in Palo Alto, California, VMware is committed to being a force for good, from its breakthrough technology innovations to its global impact. For more information, please visit

VMware and Carbon Black are registered trademarks or trademarks of VMware, Inc. or its subsidiaries in the United States and other jurisdictions.

VMware September 2020 Survey Methodology

VMware Carbon Black conducted an online survey about trends in incident response and election security in September 2020. Eighty-three Incident Response (IR)and cybersecurity professionals from around the world participated. Percentages in certain questions exceed 100% because respondents were asked to check all that apply. Due to rounding, percentages used in all questions may not add up to 100%.

This press release may contain hyperlinks to non-VMware websites that are created and maintained by third parties who are solely responsible for the content on such websites.

  1. Cybersecurity & Infrastructure Security Agency, “Protect #2020 Countering Foreign Influence Task,” February 2020

Samantha Mayowa
VMware Global Communications
(781) 552-3062

Jessica Bettencourt
(774) 451-5142

Source: VMware, Inc.