COVID-19 has changed most aspects of our daily lives, including how businesses are being run. Organizations now require employees to work from home in response to the COVID-19 outbreak. According to crn.com Microsoft cloud services reported a 775% increase in demand across their platforms when strict social isolation measures came into place. Many businesses have faced a lot of challenges from the cybersecurity front cause they often lack the experience, protocols and technology required to enable a remote workforce, in a secure way.
Cybersecurity threats such as phishing attacks are becoming all too common and they are moving very quickly during this pandemic. Thus, awareness needs to be created to protect digital infrastructure of institutions, businesses, organizations of all sort including hospitals and public health facilities.
Increase in Online Scams and Phishing Attacks
Fake websites created by cybercriminals with relation to COVID-19 to trick victims to click on phishing links or open attachments containing malware, that can result in having access to personal accounts of the victim or identity impersonation. A report created by Trend Micro gives details on how nearly a million spam messages have been linked to COVID-19 since January 2020.
The new order in relation to the scheme of choice has now been Business Email Compromise which involves spoofing of supplier and clients email addresses or using nearly identical email addresses.
Increase in Ransomware Attacks and Distributed Denial of Service (DDoS)
There has been an increase of ransomware and DDoS related attacks especially on public health institutions, hospitals, medical centers. This is now the target of cybercriminals and since they know they can’t afford to be locked out from their systems; cybercriminals believe they are likely to pay for the ransom. Ransomware can enter their systems through emails containing infected links or attachments, compromised employee credentials or by exploiting vulnerability in the system.
Increase Malicious Domains
Domain registration containing the keywords “COVID” or “corona” has increased. This is taking advantage of the increase in interest of people trying to gain more information about COVID-19. A lot of these domains created are believed to be developed with malicious intent.
According to Palo Alto Networks, as at March ending, 2,022 malicious and 40,261 high-risk newly registered domains were discovered.
The number of countries encouraging citizens to stay, work or learn from home is on the increase, there cannot be a better moment for the focus to be on cybersecurity.
1. Make sure your information is safe
- Make sure that before entering in login details or sensitive information, you are on the company’s legitimate website.
- Create a backup for all important files and store them separately from your system.
2. Software and systems check
- Regular scans of computers or mobile devices should be performed
- Third party or outdated components should be disabled
- Latest anti-virus software should be installed on systems and mobile devices
- Have a secure email gateways to stop threats that might come through spam
- Increase security also on home networks
3. Be vigilant
- Password policies should be regularly updated and ensure that they are also strong for example, mixing lowercase, uppercase, special characters and numbers together
- Always check links before opening them and be vigilant when opening attachments, do not open attachments or click on links you don’t know the sender or not expecting mails to come from.
- Privacy settings should be regularly checked on social media accounts.