Covid-19: How to reduce the risk of the growing attack vector…

Due to the unprecedented impact of Covid-19, businesses have undergone a seismic change in recent weeks as millions are forced to work from home. This shift away from usual practices is a greatly anticipated change for many employees. However, as firms are under immense pressure to quickly implement a remote working strategy, the necessary security considerations are taking a back seat. Unfortunately, this sudden increase in remote working means the global attack vector has grown exponentially. Although businesses are taking these steps in a desperate attempt to remain operational, cyber-criminals are eager to exploit these vulnerabilities while their guard is down.

For many businesses and families around the globe, ‘life as we know it’ has dramatically changed for the foreseeable future.  While businesses scramble to adapt to this new way of working, many have unknowingly introduced critical vulnerabilities into their systems. Make no mistake, hackers are keen to exploit these gateways to gain access to your private network. Unfortunately, as this sudden spike in lax security measures continues to rise, businesses will be relentlessly bombarded with cyber-attacks. Sadistically, this Covid-19 pandemic is the ‘perfect storm’ for cyber-criminals. In these trying times, the last thing we need is to face more financial difficulty and turmoil. Therefore, to protect the integrity of your critical systems, it is important to follow stringent security procedures to ensure your businesses survives the difficult months ahead.

What Covid-19 attacks and scams are businesses facing?

Other attacks include:

• Phishing- Covid-19 themed phishing campaigns are rampant. To steal passwords, financial information and spread malware, cyber-crooks are sending phishing emails which promise to provide vital information about keeping safe from the Covid-19 pandemic. A recent phishing attack which claims to hold crucial Covid-19 safety advice, attaches a file which downloads a keylogger onto your device. This allows cyber-criminals to spy on your movements in order to harvest personal information and passwords. Another phishing campaign targeting University students sends fake updates about college closures and other Covid-19 news. A similar email targeting other industries sends employees fake Office365 or OneDrive login screens that can gather sensitive login information.
• Scareware– A common theme throughout these attacks is preying on the fear of the general population. Unfortunately, by exploiting public anxiety they will lure many victims into malicious online traps. These Scareware tactics will increase as online searches accelerate, and as many will be working remotely, they may not be protected by the usual security controls provided by the corporate network.
• Hoax applications– Another recent hoax involves an Android application called coronavirusapp which is laced with Ransomware. The bogus app claims to provide up-to-date virus information in your local area (includes heatmap visuals and detailed Covid-19 statistics). Once downloaded the application locks your device and demands a sum of money before you can regain access. A similar application called CovidLock threatens to delete device data and social media accounts if BitCoin is not paid in 48 hours.
• Hospital attacks- Although a couple of notorious cyber-crime gangs have recently promised they will not attack hospitals during the Coronavirus crisis, there have still been healthcare attacks worldwide. Earlier this month a hospital in the Czech Republic was hit by a major cyber-attack. This devastating breach caused all their computers to shut down during the Covid-19 outbreak. The hospital was forced to cancel operations and relocate Coronavirus patients to other hospitals.

How can businesses mitigate these cyber-threats?

• Zero trust- A ‘zero trust’ security approach follows the concept that businesses should not automatically trust devices or users whether it is in or outside of the corporate network. This helps organisations to verify trust, user identity and subsequently lower cyber-risk.
• Software updates: As a basic step, businesses should ensure that all software patches are updated regularly.
• Asset management: Asset management is a vital capability which helps to give insight into the devices connecting to your network. This is important as it allows you to better identify unauthorised devices and respond quicker in the event of a breach (which helps to minimise data loss and downtime).
• 2- Factor authentication– Passwords alone are a very weak form of authentication which is why multifactor authentication for all end users is essential. MFA means hackers are unable to compromise logins with usernames and password alone. Even if a bad actor can get hold of your password, they won’t be able to access your private applications unless they also have your phone or security key.
• VPN- Whilst your employees are working from home they must connect to a VPN. This is important because a VPN encrypts device data so that hackers are not able to intercept your online activity. A VPN creates a protected tunnel that stops unwarranted access to browsing history, financial information or passwords.
• Cisco Umbrella– Umbrella has the power to protect your users from Covid-19 attacks online whether they are on or off the corporate network. With Umbrella, businesses can stop these malware infections earlier, identify already infected devices faster, and prevent data exfiltration.
• Employee awareness training- Human error is still the number one cause of data security breaches worldwide. Now more than ever it is important to offer cyber awareness training for your entire workforce, to ensure they are not lured into falling for these Covid-19 scams. This should encourage them to take ownership of Cyber Security best practices to protect critical systems and the future survival of your business.