The Great Lockdown: COVID-19 and The Impact on Cyber Security

The Covid-19 pandemic dominated the entirety of 2020 globally. It has been widely discussed in news, communities, and professional groups as well. But 2020 will also be remembered for transformation on the work culture front. Due to the pandemic, people were constrained within their homes and work from home culture built momentum.

The pandemic brought about many silver linings and positive trends in the cyberspace domain; for e.g. many businesses and companies migrating their business online, employees working from home and enjoying better work-life balance.

The pandemic resulted in new types of security risks, threats, and cyber-attacks, but the domain of cybersecurity rose to the challenge and has evolved and grown in various ways recently.

Cybercriminals took advantage of the pandemic and caused such a nuisance on the internet that it led to Cyber Security Experts term it as the “Cyber Pandemic”. The work from home push led to the rapid deployment of remote systems and networks to support employees working from different locations.

This brought about an alarming increase in the rate of attacks as cybercriminals took advantage of the vulnerabilities of the systems to force entry into the company’s network, cause system failures, data disruption, and stealing.

The sudden and exponential increased dependency on the world wide web created new opportunities for cyber-attacks as many businesses did not have enough time to ensure their cyber defences are up to date.

This was highlighted by the statement of Jurgen Stock, Interpol Secretary-General, “Cybercriminals are developing and boosting their attacks at an alarming pace, exploiting the fear and uncertainty caused by the unstable social and economic situation created by COVID-19.”

Read Also: Why Application Security is Important in Financial Services?

Cyber Security Issues and cyber-attacks

 

Following are some ways in which Covid-19 has affected Cyber Security:

Insecure Personal or Home Equipment

With work from home being the new norm, several organisations were unable to provide their employees with corporate equipment (desktops, laptops etc.) and had to allow them to work on personal devices remotely, as work had to go on.

Personal devices usually do not have a sophisticated cyber security system and are easy to crack. There was also the possibility that the personal device already had some malware or virus sitting within.

These factors worked in favour of cyber criminals as personal devices were easy to infiltrate and get access to personal as well as company data.

Unsecured Remote Channels

While in the office, internet browsing and network channels are well protected by a robust network security system, at home, employees use their personal routers and private connections which are easy to hack into.

The results of many surveys have reiterated this fact with an increase in the volume of attacks on unsecured RDP ports, the most popular remote connection protocol for computers running Windows operating systems.

Read Also: What is SQL Injection Attack?

Video Conference Hijacking

Since employees have been confined to their homes and in-person meetings were out of the question, video conference and tele conference rose in popularity as the two mediums for conducting work meetings.

This resulted in the increased usage of video conferencing software and online collaboration tools. Products unknown before came to the forefront and new tools were developed and launched.

This presented opportunities to cybercriminals to exploit security gaps in these software and collaboration tools and several malicious attacks took place.
Over a year ago, a Cyber Security firm detected a vulnerability in Microsoft teams that allowed them to gain access to employees’ accounts. Employees also use personal accounts for free Google and Microsoft services to exchange data.

Though a basic level of encryption is available on these platforms, they are third-party apps and are not managed centrally by the company that would enable them to prevent attacks, thus compromising the system and causing data breaches.

Healthcare Industry at Greater Risk

 

Cyber Security Professionals have had a tough time adapting to the changes in the security environment, whereas for cybercriminals, changes in people, processes, and technology have provided a launchpad to pivot malicious attacks within government and worldwide companies. One sector that has been severely affected is the Healthcare sector.

Since the start of the COVID-19 pandemic, there have been multitude of cyber-attacks directed towards WHO staff and email scams against people In general focusing on healthcare and medical information.

Some attacks on WHO got through their cybersecurity defences resulting in the leaking of about 450 active WHO email addresses and passwords, and thousands belonging to others working with WHO on the novel coronavirus response. Advanced cybercriminals, like the members of the Lazarus group, attacked a pharma company that was working on the development of the Covid-19 vaccine.

Read Also: Cyber security in healthcare

Phishing

Malicious attackers and infiltrators have revised their online phishing scam theme. By using the pandemic as the medium, Covid-19 themed phishing scams have come to the forefront wherein an attacker impersonates as a government or healthcare official and sends the general population emails and messages regarding Covid-19.

They entice people to provide personal details by stressing the importance that they need to be in touch in case of emergencies or forced to download apps containing malicious malware leading to data breaches and stealing of credentials.

Disruptive and Data Harvesting Malware

Due to the ongoing pandemic, online transactions and payments have increased tenfold. This presents a perfect opportunity for a cybercriminal to launch a disruptive attack and send data harvesting malware to unsuspicious customers.

They use malware such as remote access trojan, info stealers, and spyware and target a banking network or the network of an online retailer, causing a data breach. They then make financial benefits and gains from the compromised system.

Welfare Scheme Scams

Many welfare benefits scams rose in the past year as attackers targeted gullible citizens going through a financial crisis because of the pandemic. The themes are simple, the attackers masquerade as government officials and promise welfare and compensation benefits.

The users or citizens are then asked to pay a small commission/deposit to transfer funds in their bank accounts to gain these benefits. Even if 50 persons out of 1000 fall prey to such a scam, their individual amounts total up to a tidy sum for the cybercriminals.

It is also very difficult to trace the money transfer and 99% out of 100, people do not get their money back.

Protective Measures to be Adopted

Covid-19 themed exploitation has dominated the attacks by cybercriminals since 2020. Here are some protective measures that SecureTriad suggests to avoid getting into this trap.

For employees and professionals:

• Use antivirus and a sophisticated firewall on your personal devices and strengthen its security.
• Do not click on malicious links sent on emails and messages.
• Report suspicious emails and emails from unknown senders to your company’s Cyber Security Team or the email provider.

For organisations:

• Review and update data security policies and practices and ensure that they are compatible with remote working environments.
• Communicate these to employees.
• Educate employees regarding safe Cyber Security Practices and send a timely and frequent reminder of what not to do.
• Use identity access management tools, apply additional authentication mechanisms (like 2-factor authentication) and limit access to confidential data.
• Ensure use of robust collaboration tools to secure video conferencing and teleconferencing avenues.
• Use network segmentation, separate private networks, and guest networks so as to avoid the contamination of all networks at once.
• Periodically carry out penetration testing of the organisation’s network, applications, and services with a trusted third party.

Conclusion

The pandemic has changed the cybersecurity domain drastically. However, the cyberspace industry is fighting back against these attacks and are trying to build robust systems to deflect the attacks.

During these unprecedented times, individuals and companies should work together as a community to maintain basic Cyber Security Hygiene Standards and take all necessary steps in the fight against cybercriminals.

Click here to see the suite of penetration testing services available to your organisation and get in touch with SecureTriad to discuss your cybersecurity needs and options.