Cybersecurity During COVID-19
The COVID-19 pandemic has changed much about our modern workplaces. Social distancing has made everyone find alternative workplace options, and that usually means working remotely. The remote work landscape can be great for workers but also has made it easier for cybercriminals to attack. Learn more about how to manage your cybersecurity now that COVID-19 defined the new normal.
It's crucial to stay informed about changes in cyber security protocols created by Covid-19 and how to stay ahead of a possible attack.
What's the Danger?
Workers still need to be communicating even if they aren't in the same building. We have the ability to email, use services like Zoom or Microsoft Teams to attend remote meetings, and use other alternative workplace options to stay connected with one another. However, remote access can make you vulnerable.
According to the Cybercrime Statistics, during the pandemic, the numbers of cyber attacks are staggering and scary. The FBI recently reported that the number of complaints about cyberattacks to their Cyber Division is up to as many as 4,000 a day. That represents a 400% increase from what they were seeing pre-coronavirus.
The attacks that are happening now are not much different than before. Hackers are using aggressive phishing campaigns through the guise of Covid-19 related emails or news. These disguised messages lure people in with COVID-related apps to download to track the virus, or links saying they provide up-to-date news about how COVID is affecting your industry.
However, these links or apps may install ransomware or other malicious malware onto your network that can hurt you or others in your company.
According to cisa, here are examples of phishing email subject lines: 2020 Coronavirus Update; Coronavirus Updates, 2019-nCov: New confirmed cases in your City; and 2019-nCov: Coronavirus outbreak in your city (Emergency).
Most phishing attempts are usually conducted over email, but there has been an increase in SMS messages being used to gain access as well.
For example, a series of SMS messages use a UK government-themed lure to harvest email, address, name, and banking information. These SMS messages purporting to be from “COVID” and “UKGOV” include a link directly to the phishing site.
Attackers know that with everyone communicating online there is less concern for each individual email that people open. They are basically using our inherent laziness to attack us where we are weakest.
What Happens After a Phishing Attempt?
So what happens if you do click one of these links or download an app? Well, it depends on the type of malicious malware that is being used.
Most commonly the incentive for these attacks is for financial gain. They may steal your bank info, or use ransomware to freeze everything. However, it could be worse.
If you have an insecure network then an attacker may be able to gain access to a whole company network. If that happens then the malware can spread and cause damage to your entire company.
How to have better cybersecurity during COVID-19?
The accompanying list includes some tips on how to operate safely online, and what every business can do to avoid a security risk.
- Consider using cloud-based services
- Train employees how to set up a secure network in their home office
- Use a VPN to create a safe connection
- Implement security during teleconferencing.
- Have a plan if anyone thinks that they have been compromised
- Provide cybersecurity training to avoid common mistakes
Getting through the rest of Covid-19 will be a challenge for everyone. Virtual working environments are evolving as everyone navigates this new mobile work environment. Trends are going to change but taking the necessary steps now can be essential to protecting your valuable data later. Contact us today to help you keep your data safe.