At the time of writing, 40.6 million cases of COVID-19 have been confirmed. Across the globe, the disease has taken the lives of over one million individuals. The last seven months have seen the rise of this global pandemic and as of this month, the light at the end of the tunnel seems to be yet within reach.
Needless to say, the onslaught of COVID-19 has changed the way most industries conduct their operations – for better or for worse. Most of the businesses that survived the lockdown and shelter in place orders have shifted their operations remotely.
2020 has seen a drastic increase in work-from-home arrangements in various fields. According to research, in the US, the last five years have seen a 40% increase in the number of employees that are working remotely. This year, 7 million individuals across the country work from home.
The option for remote work provides advantages for both employees and employers. Working from home allows workers to have a better work-life balance. Likewise, this set-up is more cost-efficient for operations that no longer have to pay the overhead for their brick and mortar location.
Not all operations have the technological capabilities to handle remote work. 51% of organizations do not have the proper infrastructure to safeguard their website from cyberattacks. In fact, only 9% of companies employ cloud-based anti-malware security measures.
While the sudden shift to remote work has done wonders to circumvent the spread of COVID-19, it has also exposed the lapses in security for most organizations. At this point, the surge in cybercrime and cyberattacks has been at an all-time high.
Cyberthreats in the time of COVID-19
COVID-19 has had a massive effect in most industries – cybersecurity is no exception. The pandemic has rendered current security measures of most organizations moot especially as these businesses transition from a brick-and-mortar operation to the option for remote work.
In a recent assessment conducted by the Interpol across the EU, the government agency has discovered a significant shift of cyberattacks from individuals to larger-scale operations. From January to April, Interpol detected almost a million spam emails, 737 incidents of malware detection, and 48,000 malicious URLs.
“Cybercriminals are developing and boosting their attacks at an alarming pace, exploiting the fear and uncertainty caused by the unstable social and economic situation created by COVID-19. The increased online dependency for people around the world is also creating new opportunities, with many businesses and individuals not ensuring their cyber defenses are up to date. The report’s findings again underline the need for closer public-private sector cooperation if we are to effectively tackle the threat COVID-19 also poses to our cyber health” quipped Jürgen Stock, INTERPOL Secretary-General.
Interpol’s research highlighted several COVID-19-related security vulnerabilities in the cybercrime landscape:
Email Scams and Phishing
The current global pandemic has seen a revision in the means by which hackers endeavor scam and phishing schemes. There have been cases wherein malicious individuals pose as government and healthcare authorities in order to obtain sensitive information from their victims.
Previously dormant threat groups have targeted healthcare institutions since the uptick of COVID-19 cases in Europe and across the globe. The hackers use disruptive malware to damage critical hospital infrastructure to obtain financial gain from their victims.
Cybercriminals have begun using COVID-related information to lure institutions into accessing data harvesting malware such as info stealers, spyware, and trojans.
The rise in COVID-19 cases across the globe has significantly increased the demand for information regarding the disease. Malicious individuals have used the demand for information to facilitate their attacks by registering domains that contain keywords like “coronavirus” or “COVID-19” on the URL.
Prevalence of Misinformation
Over the course of the pandemic, fake news across social platforms have been reported worldwide. In the assessment, Interpol found 300 news links containing malware.
Interpol’s findings correspond with the research conducted outside of the EU. In a report conducted by cybersecurity firm, Kaspersky, it was revealed that brute-force attacks on RDPs (remote desktop protocols) have seen a sharp increase since the beginning of March. This form of cybersecurity breach has surged by 400%.
RDP is a Microsoft product that allows users to access desktops remotely. It is used by most companies that have shifted to work-from-home arrangements.
Likewise, there has been a 667% rise in instances of COVID-19 scamming and phishing schemes across the globe. The scams are identical to most phishing attempts. However, malicious individuals are now using COVID-19 to pilfer information from unsuspecting victims.
Consideirng the surge of information, and misinformation, about the pandemic, it isn’t surprising how most recipients fall for the scam. In fact, COVID-19 related scam recipients are three times more likely to click on malicious links if it contains keywords related to the pandemic. For reference, before the pandemic, only 67%, compared to 75% at present, of phishing links are clicked.
Protecting your Operations from Malicious Attacks
Considering the pervasiveness of cybersecurity attacks, ensuring the safety of your website is all the more important during this trying time. Breaches can cause severe damage not only to your website but your business operation as a whole. In order to remain protected, below are security measures that you should have in place:
Issue Cybersecurity Guidelines to Your Employees
The terrifying thing about the pandemic is the fact that misinformation is abound. Fake news extends from details regarding the virus to information supposedly from healthcare officials. One way to circumvent the effects of the pandemic to your operation is through proper information dissemination.
It is important to create cybersecurity guidelines for your workers especially those who are working from home. The guideline should help them identify possible phishing schemes as well as provide an easy way to report suspected attacks.
Look into Early Malware Detection Software for Your Website
As they say, prevention is better than cure. As cliche as it sounds, it is a cliche because it is accurate. The statement rights through especially when it comes to securing your website. Early malware detection software would enable your operations to have a clear picture of your website’s health. Attacks that are detected early impose less damage onto a system. The earlier an attack is detected the less effect it would have on your operation.
Despite ongoing research, there is still much that is unknown about COVID-19. At this point, while the situation has been contained, the pandemic is far from over. Due diligence and preparedness can be the difference between your operation succumbing to the pandemic or successfully navigating through the “new normal.”