Cyberattacks on the Rise
Cybercriminals are adapting their usual methods of operation to take advantage of the fear and uncertainty associated with the coronavirus pandemic. For example, phishing emails and other fake messages are sent out to users to offer miracle cures or protective equipment, elicit payments for non-existent charges and services, or obtain login credentials and personal data. At the same time, cyberattacks against organizations are growing in number and intensity.
Users in the Front Line
The global move to working from home has turned traditional IT security on its head. Remote access is now the rule, not the exception, and many organizations were unprepared for the sudden shift to remote work. During the lockdown, employees and students still need to access data and applications – but without the safety of the corporate or campus network. End users are now in the front line of cybersecurity, and education is the most important weapon in this fight.
To spread malware and run scams, cybercriminals are setting up thousands of fake COVID-19-themed websites under newly-registered domain names. Even if these are quickly taken down, new ones are immediately registered to spread disinformation, bait users with the latest news, and assist email and social media scams.
Security researchers have also found plenty of coronavirus-related malware, including trojan horses and ransomware. With so many people now working, sharing, and communicating online, malware can spread very quickly, even getting into internal company systems via virtual private networks.
Business and Healthcare Under Attack
Hoping to take advantage of overburdened and understaffed operations and security teams, malicious hackers have intensified their efforts. For example, with ransomware attacks, organizations might not only be easier to attack now but also more willing to pay a ransom to quickly get back to work without going through the whole incident response process.
Healthcare providers have always been targeted by cybercriminals but now they are especially vulnerable. When staff are overworked and tired, phishing and social engineering attacks are more likely to succeed. At the same time, with all resources strained to breaking point, institutions are more susceptible to attacks that attempt to exploit system and application vulnerabilities. Many denial of service attacks and data breaches have already been reported, with more definitely to come.
The coronavirus pandemic already affects or will soon affect every part of the world, so clinical studies and research results have become prized goods on the dark web. This means that apart from hospitals and response organizations, research teams and agencies are also coming under attack. The past weeks have seen also attacks against the World Health Organization (WHO) and the US Department of Health and Human Services (HHS).
Why Cybersecurity is Vital Now
Organizations across the world are struggling with the financial and operational consequences of the pandemic. Many are losing revenues and are forced to lay off or furlough staff, and information security is often among the first areas to suffer. This is especially dangerous, as cybersecurity is vital during this critical time.
For organizations that have switched to remote work, web applications are now business-critical. In the current climate, any downtime or data breach can be disastrous, so it is more important than ever to find dangerous vulnerabilities and fix them before they are exploited by malicious hackers.
Continued and effective operation is especially important for organizations involved in COVID-19 relief efforts, including healthcare providers, emergency services, government agencies, and research institutions. A successful denial of service or ransomware attack on a hospital can delay medical intervention and quite literally cost lives.
At a time when cybercriminals are doing their best to spread scams and malware, any vulnerabilities in well-known and trusted websites can be exploited to mount cross-site scripting (XSS) attacks. For example, attackers can send emails or other notifications containing a link to a trusted (but vulnerable) website. When the link is opened, the user gets redirected to a malicious website that might install malware or perform session hijacking.
How to Maintain Cybersecurity During the COVID‑19 Crisis
There is no doubt that cybercriminals are in full attack mode, attempting to exploit every human and system weakness. Here’s our advice for these exceptional times:
- Start by educating users, whether on-site and remote, on the critical importance of cyberhygiene. There is nothing new here: use anti-malware programs, don’t open suspicious attachments, don’t trust unexpected messages, don’t install unknown apps, and think before you click. Millions of users working from home are now the first line of defense, and a little extra care can prevent the vast majority of attacks.
- If your staff are working from home, harden remote access in any way you can, for example by enforcing multi-factor authentication.
- For business-critical web applications, make sure you find and eliminate any vulnerabilities to minimize the risk of downtime and data breaches.
Invicti Can Help
A lot has been said in the past decade about the world moving online, but the COVID-19 pandemic has caused just that in a few short weeks. All over the world, cybersecurity is now crucial for the functioning of government, media, business, education – and, first and foremost, healthcare.
At Invicti, we want to help the global relief effort. We believe we have the best web application security scanning software on the market, and we are offering complimentary licenses to organizations engaged in the COVID-19 response. See our blog post for details, and please spread the word if you know an organization that could use our help.
Keep secure, everyone, and stay safe.