To an extent, the Covid-19 virus has already served its purpose – to spread fear and paranoia in people. The attackers are using the opportunity to test out different ways of circumventing cyber security measures.
First Published 23rd March 2020
Covid - the beautiful distraction.
4 min read | Reflare Research Team
The ongoing Covid-19 pandemic has affected almost all elements of modern life. That includes cybersecurity. In this briefing, we will take a look at some of the shifts and provide guidance on how they may be mitigated.
Covid-19 related phishing attacks
The key to a successful phishing attack is to override the victim’s natural inclination to ignore any email coming in and caution of said emails. The easiest way to do this is to instil a sense of urgency. So, it comes as little surprise that attackers are starting to modify their phishing attacks to prey on fears of the virus.
The phishing emails usually promise information on the virus, cures, tax refunds, breaking news or calls for donations. In other words, they play to people’s fears and desire to help. To do so, they impersonate governments, news organizations, charities, and subversive organizations.
Mitigation: Awareness is your best line of defence. Phishing attacks work best when people have not seen them before. Maintain your usual alertness in the face of the pandemic.
A sudden increase in remote work
Most large companies already offer some sort of remote working capabilities. However, they are normally used only by a fraction of the workforce and for a limited amount of time. The pandemic and ongoing quarantines mean that the number of users working remotely has increased sharply. This is putting a strain on both the systems in place to allow remote work and the tech staff that needs to maintain them.
Increased stress and fast roll-outs can lead to corners being cut and bad decisions being made in the heat of the moment. This, in turn, can open your company up to attackers.
Mitigation: Put in place or re-enforce policies that secure remote working systems. Don’t stop auditing to speed up deployments. While the prospect of having hundreds or thousands of employees unable to work for several days as systems come online may be daunting but the prospect of a breach bringing the system down indefinitely is worse.
Maintaining compliance
The pandemic has not removed the compliance requirements of standards like PCI-DSS or ISO 27001. Many organizations are struggling to find remote alternatives to their usual systems, processes, training and auditing strategies. While we expect auditors to show a certain level of leniency in the face of such a pandemic, this cannot be guaranteed and will not extend forever.
Mitigation: Setting up infrastructure that can be remotely audited removes a lot of the stress of auditing requirements. At the same time, allowing employees to train remotely can allow you to meet requirements without on-location training.
** Reflare specializes in remote hands-on training for both tech and non-tech staff which comply with many different industry standards. If your organization is facing challenges, please consider reaching out to our team. We are here to help you identify and implement the right solutions that best fit your needs.
Attacks against healthcare targets
Last but certainly not least, we have seen an increase in attacks against targets related to healthcare. Incidents range from simple hacking attempts to DDoS to sophisticated attacks. Attackers likely include state actors which are looking for intelligence and disruption, criminal groups that are looking for re-sellable data, and activist organizations that may be misguided by conspiracy theories and looking for “the truth” of the pandemic.
Mitigation: Organizations in the healthcare sector should exercise extreme caution during the Covid-19 outbreak. Cyber attacks are bound to continue and disruptions of the healthcare systems are likely to have a large impact on the lives of ordinary people.