Coronavirus & Cybersecurity: 3 Areas of Exploitation
by Nouman Ali
The Coronavirus outbreak around the globe has led to massive disruption in every phase of life. The world is trying to adapt to the new normal. While people grapple to come to terms with the situation, cybercriminals have started seeking this as an opportunity. The state of vulnerability and dependence on the internet is causing an increase in cybercrimes.
COVID-19 Impacts on Digital Security
Coronavirus crisis has greatly affected the socio-political and economic state of the world. Cybercriminals are exploiting the situation to break into government websites and databases to capitalize on the whole situation.
Therefore, companies and organizations need to pay extra attention to cybersecurity protocols. Recently, the U.S Health and Human Services Department was attacked by hackers during the ongoing pandemic. Hackers tried to undermine the organization's effort by sending emails, texts, and messages containing incorrect information regarding the pandemic.
According to Kaspersky's research, hackers got in through the age-old trick of phishing; an investigation into the incident revealed malicious files masked as coronavirus guidelines. Furthermore, hackers are using fake domains similar to the Centers for Disease Control and Prevention to send emails regarding coronavirus helplines to unsuspecting users; once the receiver opens the email, their account is hacked. Since people are likely to open emails containing information about the virus, hackers are exploiting their vulnerability to their own ends.
COVID-19 and Data Protection
Due to COVID-19, many companies have shifted to telework. Now, more than ever, people are working from home, which poses a unique threat to organizational security. Most employees are unaware of the security measures they need to take to ensure that their network and data are safe from cybercriminals.
Unconsciously, employees may become victims of Trojan hacking attempts, pishing, and more. Since employees are working from home, they are sharing organizational data over their internet connection, and they are accessing restricted work websites on their system. Once the hacker hacks their system, all this data falls into the lap of criminals.
Let's have a look at a few stats to know more about COVID-19 and cyber-attacks:
- In the next few months, 49% of the organizations are expected to experience a data breach incident
- Almost 46% of businesses globally have experienced a data breach at least once
- In May 2020, the FBI reported a 300% increase in cyber crimes
- Phishing has increased 600% times after the coronavirus outbreak
- Ransomware attacks have increased by 148%
- 238% of cybercrimes are now relevant to COVID-19
These stats indicate a high-rise in the cybercrimes, according to a report, cybercrime will cost $6 trillion annually by 2021. Hackers are threatening various areas of the community, 3 of the major concerns are explained below:
The hacking attempt on the U.S Health agency indicates how cyberattacks are going to affect the political structure. The outbreak is new, and this is only the beginning of cybercrimes related to Coronavirus.
In worse case scenarios, malicious people may hack power plants, industries, chemical and petroleum agencies, etc. Health industries, medical, and pharmaceuticals are the most in-demand industries these days and are in a difficult position to guard their security.
It is high time to implement well-established security systems to avoid any hacking or other penetration attempts. Along with the threat to national security, the dissemination of fake or factually incorrect information is also a threat to social stability. Cybercriminals are also using spreading fake information to discredit and defame authorities and government policies during the Coronavirus.
Due to the current situation, internet usage has increased, and hence people are purchasing domains every second. Cybercriminals are targeting newly made websites and exploiting the situation to their benefit. Disguised as internet service providers, cybercriminals are obtaining people's bank account and other personal information.
Moreover, the rate of click bates has also increased exponentially; phrases like "Coronavirus helpline," "low-interest rates limited time offer," "crimper tool at a low price," or "working from the comfort of your home with good salary" are popping up on people's web searches to lure them towards malicious websites. Cybercriminals are also hacking into medical systems to phish for information regarding patients as well as doctors and health workers.
Previously, hacking and fake websites were easy to identify based on user-interface and typing errors. Now, hackers have begun to imitate as brands and organizations in a way that they appear legit, and hence people easily fall target to their criminal attempts.
Terrorist organizations may try to take advantage of the situation and look for opportunities to break into the database of sensitive organizations such as airlines, pharmaceuticals, nuclear plants, etc. These hackers have their own agenda and given the lax in security due to COVID 19, they feel more confident.
Small-time hackers have their own targets; they are targeting organizations that have recently switched to online platforms and don't have sufficient security protocols in place. They hack into the system to obtain sensitive data and later ransom it for money.
What to Do Now
With COVID-19 eating up their resources, cybersecurity is not a priority for many organizations. Which is why cybercriminals are exploiting the situation to their benefit unhindered. There is no clear cut solution, but individually, each organization needs to pay attention to their cybersecurity.
Statistics show that 51% of the companies have reported more phishing attacks after the COVID-19 outbreak. It is a learning experience for people around the globe on how to make their systems even more secure to avoid any cyber-attack or phishing. General education and awareness amongst employees must be ensured to prevent any unfortunate incident.
Improved guidelines and SOP's should be made by businesses and organizations for data protection and privacy. Strong security checks, two-way encryption, and password protection around the organization should be monitored.
Some Measures To Ensure Safety
Only 41% of cybersecurity experts reported their companies are following the best protective measures for data and cybersecurity. A few of the things that you can do at a personal level to ensure protection are mentioned below:
- Keep a backup of all the essential files
- Verify the legitimacy of a website before filling in information
- Install the latest versions of antivirus in your systems
- Email gateways must be secured
- Download files only from trusted sources
- Ignore email with heading leading to "Coronavirus guidelines" unless you validate the source.
- Do not click on attachments or download files from an unknown contact
- Keep personal and professional systems apart
- Update your passwords and look for a strong combination
Experts cannot emphasize enough on awareness and knowledge of the types of malware and phishing. Organizations need to train their employees about data breach and cybersecurity worldwide. In the coming few months, things are going to be even more unpredictable, which is why every organization should proactively work towards cybersecurity.
About the Author
Nouman provides ghostwriting and copywriting services. His educational background in the technical field and business studies helps him in tackling topics ranging from career and business productivity to web development and digital marketing. He occasionally writes articles for Shireen inc.