The cyber risks of Covid-19
The growing Covid-19 crisis challenges the business and social norms as we used to know them. Companies around the globe are trying to keep business as usual while their employees are confined to their homes. The employees on their end are struggling to keep everything together at times when schools are closed, kids stay at home, the stress over the pandemic is constantly growing and the financial and occupational futures are uncertain.
While the crisis brings the best out of people with various initiatives to assist the elderly and support the medical staff, and as we see the efforts of many individuals and organizations to assist others in coping with these unusual times, many others are taking advantage of the situation. Contrary to the drop in crime rates in the physical world following shutdown in many countries, in the digital landscape the situation is completely different. The increased use of the internet and social media, the looming uncertainty and the relatively unsecured networks people have in their private homes, create opportunities to perpetrators to exploit the vulnerabilities of businesses and private people who are already in distress.
Have you recently received a message offering you a free Netflix pass, or maybe a new tax refund program for dealing with the Coronavirus outbreak? If you did, we hope you and your employees did not click any links or provide any personal information, since those are scams. Perpetrators are not wasting any time to seize the opportunity while millions are spending more hours in front of their screens in quarantine. By employing their sense of creativity and adapting their mode of operations to fit the situation, cyber criminals are hoping to expand their reach and attracts more victims.
And indeed in the last couple of weeks, the digital world is witnessing an increase in the attempts of cyber criminals to exploit this delicate situation for their own profit. Evidence for this trend can be found in a recent report by CERT India showing a surge in the number of cyberattacks on personal computer networks since employees were asked to work from home due to the pandemic. Other reports by the FBI and the Europol provide insights on a range of ways cyber criminals exploit the situation, such as phishing emails, social engineering, impersonation to government officials and the sale of fraudulent treatments and vaccinations against Covid-19. Some perpetrators are even sending fake emails on behalf of the World Health Organization and the American Centers for Disease Control and Prevention in an attempt to gain the attention of potential victims. As if this is not enough, recent reports show that the number of attempted attacks against the World Health Organization doubled during the Covid-19 crisis, including attempts to attack one of its Covid-19 testing labs.
In times like this, when businesses are required to enable their employees to work from home, both the employees and businesses are most vulnerable. Most chances are that businesses who had to change their mode of operations due to the pandemic are not prepared to the cyber risks of teleworking. As files and documents that were usually tightly secured on the business’s network and premises are now available on the private and poorly secured networks of the employees, this is the exact time to make sure that you have the appropriate procedures and safeguards in place and update them to address the new risks and protect your business, employees, partners and customers.
By running a thorough risk analysis, implementing remote access software, auditing your internal cyber security procedures, editing using-facing policies and keeping employees aware of the current cyber risks, you can make the difference and protect yourself from the current surge in cyber attack attempts. Taking all such measures can also be viewed as a long-term investment that will also benefit you in the long run. This will allow you and your business to adapt to the constantly changing employment market which is leading us towards teleworking anyhow. Businesses who will be able to adapt to this new situation will not only be safe in the current crisis, but will also be better prepared for the future.