Covid-19 related cyberattacks emerged ever since the virus was first discovered in China. Per a recent analysis from Microsoft, almost every country in the world has fallen prey to at least one coronavirus-themed attack. Homeland Security in collaboration with the Cybersecurity and Infrastructure Security Agency (CISA) have issued an advisory relating to exploitation of Covid-19 by malicious cyber actors.
Breeding ground for cybercriminals not going away anytime soon
As more governments encourage social distancing and work from home, companies have moved their entire workforce to remote access at a scale and speed that is unprecedented. Projects that normally would have taken years to roll out have been rolled out in weeks. This has dramatically increased the attack surface. The security perimeter has completely disappeared. Employees, channel partners and other stakeholders are accessing sensitive data, resources and enterprise applications from devices that may not necessarily have the same protections as corporate devices.
Lives of employees have also gotten upended. From homeschooling children to attending meetings, taking care of elders to running errands, there is a heightened sense of uncertainty, confusion and stress. Cybercriminals are exploiting these human vulnerabilities. According to assessments from the World Economic Forum, cyberthreats may well become the new norm even after the effect of the virus recedes. Companies will continue to reel under the effects of an economic recession and will likely be more vulnerable to cyberattacks.
Attackers didn’t suddenly gain more resources, they are simply changing lures
Cybercriminals understand human psychology and typically operate on the science of persuasion. Most often, it’s to get us to click and then after we’ve clicked, it’s to get us to actually give out something, whether it’s money or whether it’s information about our identities or information about somebody else that’s the real target. With the emergence of Covid-19, it wasn’t that the attackers changed their infrastructure overnight or started launching new families of malware or ransomware.
A new Microsoft study shows how attackers simply changed the campaigns and altered lures relating to Covid-19 and Federal or SBA stimulus measures. A common scheme involves phishing attempts like “click here for your stimulus check.” Hackers are also impersonating high-profile organizations like the Red Cross, World Health Organization (WHO), and the Centers for Disease Control and Prevention (CDC). The WHO recently reported a five-fold increase in Covid-themed cyberattacks. Reports suggest that many of these compromises began several months earlier, with attackers lying dormant inside networks waiting for the right moment to strike.
Building a cyber-resilient organization
Businesses can follow these recommendations to achieve an effective cyber resilience:
Additionally, here are some ransomware resilience recommendations:
There’s no silver bullet for cybersecurity. What’s important is that we invest in the right set of tools and training to build the right ‘antibodies’ and ‘muscle memory’ that can be used to fight hackers known to weaponize our fears and anxieties.
Michelle Drolet is founder of Towerwall, a woman-owned cybersecurity and cannabis compliance services provider in Framingham, Mass., with clients such as CannaCare, Smith & Wesson, Covenant Healthcare and many mid-size organizations. She can be reached at [email protected].
Your email address will not be published. Required fields are marked *
Name *
Email *
Website
Save my name, email, and website in this browser for the next time I comment.
Comment *
Notify me of follow-up comments by email.
Notify me of new posts by email.
Δ
By Hannah King and Arin Aragona Plans for Kentucky’s medical cannabis program took a significant turn last week with the passage of House Bill 829 and the implementation of emergency…
By Steven Ascher and Anna M.Windemuth The unique status of the cannabis business — legal in a majority of states, but still illegal under federal law — creates a thorny…
By Courtney A. Hunter and Jessalyn H. Zeigler Demand for cannabidiol (CBD) products continues to climb, and the market has risen to the occasion. There is now a robust array…
Confidential documents obtained by THE CITY reveal how Chicago Atlantic Group became one of the biggest beneficiaries of the state’s legalization program. Last June, Gov. Kathy Hochul announced that a…