Managing Cyber Threats in the COVID-19 Era
Cyber threats pose a serious challenge to businesses. It’s fair to say that the COVID-19 pandemic has changed almost every aspect of our daily lives, and this has perhaps manifested itself more so than anywhere else in our working habits. As we have settled into the “new normal” of working from home, this brought with it an increased reliance on technology.
We have switched our attention from the daily commute to the stability of our internet connection, while the emergence of a teleworking culture means we spend a significant portion of our day on Zoom or Teams calls in order to connect with colleagues and contacts around the world.
In an already hyper-connected society where so much of our personal data is freely available, this increased technological dependence within our own homes has opened up new opportunities for cybercriminals to exploit this crisis for their own advantage.
The FBI reports that “the number of complaints about cyberattacks to their Cyber Division is up to as many as 4,000 a day”. That represents a 400% increase from what they were seeing pre-coronavirus. And with more consumers – and subsequently, the companies they work for – becoming exposed to security threats like phishing attacks, it is more important than ever to raise awareness of the measures needed to protect the digital infrastructure of homes, businesses and institutions.
The COVID-19 pandemic is resulting in more cybersecurity breaches happening more rapidly, posing new challenges to mitigating exposure. So, what can we do to counter this threat?
Here are some key factors to keep in mind:
Identify, Protect and Manage
The first requirement is to identify indicators such as your companies patch status in order to gain insight on the state of patching on specific devices, as well as providing metrics for reporting. You should also develop an automated vulnerability management schedule, so you know what vulnerabilities are present within your IT estate on a regular basis.
Secondly, increasing the protection of business devices used by employees needs to be prioritized, especially considering the rapid growth in teleworking. Additionally, in order to protect company emails and file transfers, there is a growing necessity for businesses of all sizes to adopt and invest in VPNs.
Furthermore, businesses need to harness the power of the cloud. By using cutting-edge cloud-based antivirus software, businesses can to take advantage of the elasticity provided, while protecting capacity and escaping from traditional, signature-based malware detections. This behavior-based approach enables companies to respond quickly to new threats as they emerge.
Adopt a Mindset of Extreme Precaution
One of the key hooks that cybercriminals have adopted during the COVID-19 pandemic has been an explosion in spam messaging. We have seen email attacks increase significantly, with users being encouraged to open an attachment or click on a link, which in turn infects their machine.
We have also seen the rapid appearance of malicious domains related to COVID-19 targeting those who are worried about catching the virus, alongside an increase in successful brute force attacks, whereby an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly.
More worryingly for SMEs, we have also seen a significant increase in ransomware attacks resulting in businesses who have been compromised being faced with payment demands of hundreds of thousands of pounds.
The uncertainty and social vulnerability we are experiencing as a result of the coronavirus means mistakes are being made by users and businesses alike. Measures such as not clicking on email links and not replying to emails from senders we do not know may sound obvious, yet they remain a critical route into businesses for cybercriminals.
Therefore, during these unprecedented times, we must all take extreme precautionary measures to ensure we are not caught out by a damaging cyber-attack.