The coronavirus (COVID-19) pandemic is putting tremendous strain on economic, social, and political systems and disrupting the digital world. People are compelled to work and learn remotely while sheltering at home and consequently are relying more on remote communication and digital platforms and tools. Cybercriminals are capitalising on these expanded attack surfaces by launching cyber-attacks and compromising the confidentiality, integrity, and availability of data.
Security Magazine (2020) indicates that trans-national criminal rings are increasingly targeting unprotected devices of employees working from home and several companies only recently became targets. A 2020 Remote Work From Home Cybersecurity survey produced by Cybersecurity Insiders indicates that an upsurge in work from home (WFH) scenarios has fuelled security and compliance concerns with the majority threat contributors being low user awareness training, insecure home/public Wi-Fi networks, use of at-risk personal devices and sensitive data leakage.
In addition, respondents feel anxious about file sharing (68 percent), web applications (47 percent) and video conferencing (45 percent) risks. “IT security professionals anticipate malware, phishing, unauthorised user and device access and unpatched/at risk systems to be the most exploitable WFH attack vectors” (Security Magazine, 2020).
Cynet also reports that the coronavirus has had a significant impact on information security and threat actors are actively exploiting the crisis. They identified that attackers are using two main trends: malicious emails and attacks on the credentials of remote users.
Malicious email attacks
With business operations moving to remote sites, employees are relying heavily on digital communication. Cynet revealed that 21% of emails included malicious attachments with advanced capabilities such as redirection to malicious websites or malicious macros and exploits. Specifically, threat actors include social engineering, phishing, and weaponised emails.
High dependency on digital Infrastructure
Due to social distancing, social interactions and information dissemination are confined to digital means such as voice calls, video calls and text messages. Due to the uncertainty created by the pandemic, employees may be lured into clicking on malicious links incorporating so-called breaking news updates on the coronavirus. These actions can be detrimental to the privacy of critical data and information of businesses.
Recently, malware was hidden in an interactive map that was displaying Coronavirus (COVID-19) statistics. Downloading the malicious malware posed a severe threat to sensitive information such as banking details, military secrets, or social security numbers.
Spam, opportunistic detections, and impersonation
Mimecast reports that detections were up by a third and between January and March 2020, spam and opportunistic detections increased by 26.3%, while impersonation was up 30.3%, malware by 35.16% and the blocking of URL clicks by 55.8%.
Detections and scams were used in tandem with the first reports of COVID-19 infections in the UK, Italy, and Spain. During the lockdown in the United Kingdom and Australia in the week from 24 March, a hoaxed WHO ‘Safety COVID-19 Awareness’ email was distributed (Mimecast 2020). Impersonation has also been steadily increasing for some time and has accelerated since the outbreak, according to Mimecast. “Some of the increase undoubtedly reflects the increased opportunity presented by current circumstances, with isolated employees and the potential lack of suitably robust verification processes, which threat actors will hope to heavily exploit under the present lockdown measures in many countries,” says Carl Wearn, head of e-crime at Mimecast.
Prominent charities have been subject to domain/website spoofing in recent weeks related to the current crisis. There has also been significant activity targeting certain industries. Wearn indicates that “By volume, it’s primarily the retail and manufacturing sectors that are being hit most, almost certainly as they are the key verticals still in full swing or even taking on more employees at this time, and of course key to every nation’s response and subsequent recovery at present.
Mimecast warns that as the economic landscape changes, targets are likely to change yet again. “It is important to be vigilant when communicating with third parties and suppliers, as there may well be an increase in the range of businesses folding in the coming months, and criminals may seek to exploit a company’s previous clients or customers,” says Wearn. He advises that it is crucial that businesses train employees and make them aware of the dangers of phishing.
Experts agree that the COVID-19 pandemic will continue to change the lives of people worldwide due to increased remote working and learning patterns, and the consequential increased cybersecurity risks. Like the spread of the virus threatens people’s health, all devices connected to the Internet are at risk. Forbes Magazine reports that maintaining proper cyber security measures on your own devices affects the rest of the online community. Deloitte’s Head, Cyber Risk Services, West Africa Alandenusi states that “post COVID-19, organizations will need to rethink their cyber risk management measures”.
Take your business connectivity guide to find the perfect solution for your business!