While Covid-19 is creating havoc across the globe, there is another lesser-known danger present in the scenario - cybercrimes. There has been an increase in the number of cyberattacks recently. Individuals, hospitals, labs, companies, governmental and non-governmental organizations are all targeted in this rising wave of attacks.
Brno University hospital, the second-largest in the Czech Republic suffered a major cyberattack in March, and critical procedures including surgeries had to be canceled. Even the World Health Organization, which is at the center of Corona response, was the target of multiple unsuccessful attacks. Google has asked its employees not to use the Zoom app on their laptops due to security concerns.
The social situation created by Covid-19 is proving to be conducive for cyberattacks, resulting in one of the largest ever security challenges in history. What are the factors that make the current situation more vulnerable?
a) Work from Home - The major reason for the scale of this challenge is the millions of employees who have shifted to remote working environments. The firewall protection offered by the security network in the offices is missing, and on many occasions, personal devices are also used. Companies didn't have the time to plan remote working strategies on such a large scale.
b) Online Time - Under lockdown situations, people are spending much more time on the internet and devices for working, learning, entertainment, interactions, etc and it creates a higher chance to make mistakes.
c) System burnout -- Our health and other public systems are working on a war footing and completely caught up with handling the Corona situation. It reduces their ability to defend or respond to security threats.
d) Stress and Anxiety - The danger present in the situation and the uncertainty about the future makes people prone to making mistakes and irrational decisions.
e) First time Users - In the absence of regular shopping and entertainment options, many are trying online commerce, payments, and classes for the first time. These individuals, who are not familiar with the processes, are soft targets for hackers.
Hackers are using every trick in the book to obtain private data and to intrude into systems. Other than the normal phishing attempts, hidden malware is spread through Documents and messages with Corona information and updates.
Social engineering ploys are used where the hackers pose like the authorities or institutions for manipulation. Ransomware was used several times against healthcare institutions across Europe. In a ransomware attack, the hacker gets into the system, encrypts the data making it inaccessible, and asks for a ransom payment for the decryption
In our personal lives, we know how to safeguard our private data and financial transactions. But, in the new world where Remote working is widely adopted, we need to be much more careful about protecting all the work-related networks and systems including web platforms, intranet, extranet, and client portals. The security teams also need to take a proactive approach by testing their existing protocols and making contingency plans.