Cybercriminals are known to target the weakest points in any organization. Now, with the novel coronavirus sweeping the globe, organizations’ critical assets are at serious risk, as bad actors leverage the growing fear in order to gain access to employee passwords and sensitive data for nefarious purposes.
According to a recent report from Check Point Technologies, web domains associated with the coronavirus are 50% more likely to be from malicious actors. These cybercriminals are feeding off of the uncertainty in a time of crisis and using advanced tactics such as phishing to target unknowing users. The Federal Bureau of Investigation also released a statement warning constituents of an increased number of cyber attacks related to the coronavirus pandemic.
“Cyber criminals are opportunists that continuously evolve their methods of attack. And, as history has shown us, the more visible the situation, the more aggressive the cyberattacks,” says Nicholas Fischbach, Global CTO at web security firm Forcepoint.
Vital organizations are a prime target
These opportunistic cybercriminals have already begun seeking out both vulnerable users and organizations such as hospitals that would be devastated by a breach. According to an article from Health IT News, the World Health Organization, and the U.S. Department of Health and Human Services reported an uptick in cyberattacks — about double the norm before the pandemic. Other medical organizations, such as the Czech Republic’s second largest hospital, have reported cyberattacks while in the midst of testing for coronavirus.
As the health care industry continues to battle the coronavirus, they’re being tasked with simultaneously fending off cyber attacks. But, as the risk of these attacks increases during the COVID-19 crisis, so does the information security community. Some of the world’s most intelligent security professionals are volunteering to assist medical organizations in combating the influx of malicious cyber activity.
Preying on fear and anxiety
With the stress brought about by a worldwide pandemic, users may be more susceptible to letting down their guards when it comes to online threats. Today, more people are accustomed to seeing a variety of forms and portals asking for usernames, passwords and often payment information. Sophisticated cybercriminals and groups have become experts at crafting near perfect duplicates of legitimate websites.
Hackers exploit these vulnerabilities and play on society’s fears in hopes that their carefully crafted scams will be successful. “We are seeing trends of cyber attackers leaning into social-engineering that utilizes popular keywords — such as coronavirus and COVID-19 — to execute online scams, phishing and malware attacks,” Fischbach says. As the number of suspicious emails and web domains related to real-life events grows, users must remain vigilant and take the time to ensure authenticity and remain cautious about links, attachments, or inputting usernames and passwords.
Information technology (IT) teams have been unexpectedly tasked with allocating budgets and resources to prepare the workforce to conduct their daily tasks remotely. Employees are accessing corporate resources and data in locations outside of traditional corporate networks and on devices that may not adhere to security policies, leaving them exposed and potentially vulnerable to the most basic of cybersecurity threats.
With this unplanned societal shift to a dependence on the digital infrastructure, user education is key to keeping an organization protected from cyberattacks. Just like social distancing and washing our hands, organizations and their workforces must practice good cyber hygiene during this outbreak. Following are three tips to help:
- Use a virtual private network: You can’t fully trust your home WiFi network, especially now that users are connecting with new devices and applications. Organizations should enforce, at the very least, all users to access internal systems and online services using a VPN to securely connect to corporate resources over the public internet. This will provide a much needed layer of security to protect data.
- Be aware of phishing attacks: Phishing attacks, specifically on corporate email, have dramatically increased. They typically use a disguised email as a weapon. Organizations must ensure that users know what to look for and be cautious about opening any attachments or clicking on links from unknown or suspicious senders.
- Implement robust authentication: Multifactor or two-factor authentication are critical methods for remote work. As history has shown, passwords are one of the most heavily targeted entry points to any organization because users tend to recycle a set of common passwords. Only granting access to corporate resources after successfully providing two or more pieces of evidence to authenticate makes exploiting those logins much more difficult.
Long-term plans for business continuity
As a final note, be sure to proceed with caution even when the outbreak begins to subside and workforces return to the office. Cyber criminals are patient and stealthy, often establishing long-form attacks that allow them to fly under the radar for extended periods of time. “The first weeks back in the office are critical in making sure that an enterprise can keep operating,” Fischbach adds. “Look for any hints in security audit logs across the entire hybrid IT estate for possible attacks that might have been missed.”