Cyber-attacks have increased tremendously along with the rapid global spread of the COVID-19. At this unprecedented time when cyber defences might be lowered due to the shift of focus to the health crisis, cybercriminals are attacking the computer networks and systems of individuals, businesses, and even global organizations. It is essential for businesses to rethink their cybersecurity measures, stay vigilant and choose the right cybersecurity solutions to keep them protected from attackers exploiting the uncertainty of the situation.
A few Cyber Security Facts and Stats related to COVID-19 according to various sources
- With the outbreak of the COVID-19 pandemic, WHO has observed a tremendous increase in the number of cyber-attacks directed at its employees, and email scams targeting the public at large.
- According to an article published by Business Insider, Google is now blocking an average of over 18 million coronavirus email scams per day — along with 240 million daily spam messages.
- The Gulf Today news has reported that according to various studies, there has been a 30% increase in cyber-attacks; some of the most common attacks we are seeing are, emails masquerading as government announcements or fake COVID-19 websites. Attackers preyed on people’s mind clouded with uncertainty and panic
- Since COVID-19, the US FBI reported a 300% increase in reported cybercrimes. As office work moved to personal homes, hackers utilized the opportunity to attack vulnerable networks.
Top 5 cybersecurity threats to be aware of during COVID-19
- Phishing Attacks
It is the most common type of cyberattack that aims to steal sensitive data like credit card or debit card numbers and login information. Cybercriminals are taking advantage of the coronavirus pandemic by sending fraudulent emails and WhatsApp messages that attempt to deceive you into opening attachments or clicking on malicious links to have important updates or encouraging donations impersonating trustworthy organizations. The most popular COVID-19 phishing scam themes include COVID-19 policy updates, virus updates from healthcare authorities etc.
- Ransomware Attacks
The COVID-19 pandemic has set stress on healthcare systems and public institutions around the world. With more patients and distracted employees, they are being targeted by cybercriminals for ransomware attacks since they cannot afford to be logged out of their systems due to the current health crisis. The cybercriminals believe they are likely to pay the ransom. Hence, targeted ransomware has become one of the biggest cybersecurity threats of 2020. Attackers use advanced ransomware software to encrypt the files and demand ransom in the form of digital currencies like Bitcoin making tracing and prosecuting nearly impossible and with no guarantee of data recovery.
- End-point security threats
COVID-19 has compelled many workplaces to go fully remote. Remote workers often work devoid of any network perimeter security, thus missing out on a crucial part of layered cybersecurity protection. In addition to this, mobile devices can often end up masking signs indicative of potential phishing attacks and other cybersecurity threats.
Cybercriminals are exploiting the widespread global communications on the COVID-19 to mask their activities. Malware, spyware and trojans have been found embedded in interactive coronavirus heatmaps, social media links and websites. Spam emails are also deceiving users into clicking on links which download malware to their devices.
- Insider Threats
Insider threats not only include malicious attacks, but also the negligent use of systems and data by employees. To safeguard against these threats, it essential that organizations quickly and accurately detect, inspect, and respond to issues that could be indicators of insider attacks. Common antivirus and anti-malware tools are generally ineffective against these threats. Insider threats require specialized tools that may merge machine learning and intelligent tagging to detect unusual activity, suspicious changes and threats caused by system misconfigurations.
Cybersafety immediate checklist
- Ensure employees are aware of trusted sources of COVID-19 information
- Avoid clicking on emails and attachments received outside your trusted perimeter
- Back up all your systems and app data regularly and securely to guarantee efficient and swift recovery from ransomware and other attacks
- Ensure that any device that leaves the office has comprehensive security services, including a local firewall, advanced malware protection (AMP), DNS filtering, disk encryption and multi-factor authentication (MFA), host IPS, among other protections.
- Always ensure that links go to the genuine website before entering login details or sensitive information
- Ensure all the security software are regularly updated
- Secure email gateways to prevent threats
- Deactivate outdated or third-party elements that could serve as entry points
- Download mobile applications and software from trusted platforms only
- Perform regular health checks on your systems or mobile devices
- Check and update the privacy settings on your social media accounts regularly
- Update your passwords and ensure they are robust
- Strengthen your home network and avoid the use of personal devices at home to access business networks, data, or emails.
Hence, both organizations and individuals need to stay vigilant and identify potential threats exposing vulnerabilities in their security to safeguard from the increasingly malicious cyber-attacks. It is crucial for organizations to review their current cybersecurity measures and build a robust defence strategy against cyber threats.
To know more about cybersecurity solutions and to get a free cybersecurity assessment report from our experts, Request your Free Cybersecurity Review here
- Business Insider
- Gulf today
- IMC Grupo
- Security Magazine