Cyber Security In The Current Climate: A COVID-19 Update

What strange times we have been thrust into! Online business is booming whilst physical stores are closed under the social distancing restrictions, which vary from state to state, amidst the COVID-19 crisis. Many employees who can are now working from home, while others have unfortunately been stood down and are doing the best they can during their forced break.

One group that has not taken a break is cyber attackers, or hackers.

We’ve written previously about ensuring you’ve got the right set-up, making sure you’re safe on Zoom, ensuring your internet can get you through this, and the elephant in the room: the increased privacy and security concerns in the current climate. Now that the mad rush to get set up at home has subsided, the focus is shifting to the risks associated with working from home.

No longer can employees turn to each other and ask ‘Hey, did you get this strange email as well? Is it legit or a scam?’ if they aren’t sure about what’s hit their inbox. This poses a real problem, as people are less perceptive and vigilant in the rush to get work completed, particularly with the added distractions at home.

Many companies, ourselves included, are seeing an increase in malware-laced emails, either as phishing campaigns or with malware attached disguised as an office file. The phishing campaigns often borrow the identities of health and aid associations for monetary benefit, or pose as help desks to try to gain security credentials from users.

While this is not much different to previous phishing campaigns, email providers are seeing a change in the type of lure: hackers are updating content to be more current and relevant to the coronavirus and virus-related activities, such as protecting staff from potentially contracting it. Microsoft has reported that of the millions of targeted emails it sees each day, roughly 60,000 have included COVID-19 related malicious attachments or URLs. While that may seem like a large number, it is still only 2% of what they see overall, but it is growing. Google is seeing similar numbers, with COVID-19 related emails equating to 2.5% of the 100 million phishing emails Google said it blocks daily.

Here’s a handy tip for checking the domains of emails or links you may be sent!

About 20% of malicious domains are very new and used around 1 week after they are registered. If you enter the domain into a website such as https://whois.auda.org.au/, you can commonly see information about who registered the domain, when it was registered and where they were based. If anything doesn’t match up with the email content, where it’s been sent from or you still aren’t 100% sure it’s safe, best not to click it.
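The domain-age check described above can be automated. This added example (not part of the original article) reads RDAP-style registration records, the JSON successor to WHOIS, and flags links whose domain was registered recently; the sample records, the `.example` domains and the 30-day threshold are constructed assumptions.

```python
import json
from datetime import datetime, timezone
from urllib.parse import urlsplit

# Constructed RDAP-style records (RFC 9083 "events" array); not real registrations.
SAMPLE_RDAP = {
    "covid-relief-payments.example": json.dumps({"events": [
        {"eventAction": "registration", "eventDate": "2020-04-20T09:15:00Z"}]}),
    "established-health-body.example": json.dumps({"events": [
        {"eventAction": "registration", "eventDate": "2003-06-02T00:00:00Z"},
        {"eventAction": "last changed", "eventDate": "2020-01-10T00:00:00Z"}]}),
    "redacted-registry.example": json.dumps({"events": []}),
}

def find_record(hostname, records):
    """Walk from the full hostname up through its parents until a record exists."""
    labels = hostname.lower().rstrip(".").split(".")
    for i in range(len(labels) - 1):  # never query the bare top-level label
        candidate = ".".join(labels[i:])
        if candidate in records:
            return candidate, json.loads(records[candidate])
    return None, None

def registration_date(record):
    """Return the 'registration' event as an aware datetime, or None if absent."""
    for event in record.get("events", []):
        if event.get("eventAction") == "registration":
            return datetime.fromisoformat(event["eventDate"].replace("Z", "+00:00"))
    return None

def assess_link(url, records, now, min_age_days=30):
    """Return (domain, age_days, verdict): 'new-domain', 'established' or 'unknown'."""
    hostname = urlsplit(url).hostname or ""
    domain, record = find_record(hostname, records)
    registered = registration_date(record) if record is not None else None
    if registered is None:
        # No record or no registration date: unverified, not safe by default.
        return domain, None, "unknown"
    age_days = (now - registered).days
    verdict = "new-domain" if age_days < min_age_days else "established"
    return domain, age_days, verdict

if __name__ == "__main__":
    now = datetime(2020, 4, 27, tzinfo=timezone.utc)  # fixed so output is repeatable
    for link in ("https://login.covid-relief-payments.example/claim",
                 "https://established-health-body.example/advice",
                 "https://redacted-registry.example/"):
        print(link, assess_link(link, SAMPLE_RDAP, now))
```

An "unknown" verdict means the registration date could not be confirmed, which is a reason for caution in its own right.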

The broad shift to work-from-home arrangements has meant that cyber-attacks are more likely to succeed. Many are not using their work computers, which have been specifically set up to provide maximum security for the data stored on them, but instead are using their home set-ups, which may not be as secure or have the same security protocols and restrictions in place. For example, home computers may not have an up-to-date anti-virus installed and scanning regularly, may not have the latest software updates, or may not use a VPN if still needing remote access to the office. Home devices usually aren’t managed by IT and are therefore generally more vulnerable than work devices for a number of reasons, including the fact that they are likely to be using user accounts that have administrator access. If you have unrestricted access to your computer, so will malware when it takes hold.

Our increased online presence and the need to be kept informed with the current news are also being exploited. Cyber attackers are using websites with weak security to deliver malware. With the creation of new domains and websites to spread information and resources to combat the coronavirus, attackers are exploiting the weak security controls on many of these sites to spread malware via drive-by downloads, i.e. when you access a dodgy site and inadvertently download something malicious. These downloads are what can slip through if a user’s anti-virus is not up to date or not running. Just recently in the US, a department within a state’s local government had its website encrypted by ransomware, preventing officials from posting information for the public and keeping employees from accessing certain files.

Thankfully, however, this remote working shift has also meant that some businesses are booming. Microsoft’s cloud services reported a 775% increase in demand across their platforms when strict social isolation measures were put in place. We have experienced this ourselves, as we are fielding more questions regarding cloud storage to ease access requirements where current infrastructure may not be adequate. Use of Virtual Private Networks (VPNs) has also gone up significantly, as many still need access to files or computers stored on-site. NordVPN reported to ZDNet in late March that they had seen a 165% rise in users since March 11, which coincides with more people being at home as social distancing measures came into effect globally. Unfortunately, not all businesses are using a VPN for remote access. Unsecured Windows Remote Desktop (RDP) instances have increased from 3 million at the start of the year to 4.1 million, posing a huge risk to those businesses.

No one is sure how much longer this virus will be impacting our lives, both personal and business, but either way it’s still best to be cyber aware rather than cyber alarmed. Even though a hacker attacks every 39 seconds, and attacks are often successful, that does not mean there is no point in having security. You can never protect yourself fully from cyber crime or data breaches, but you can mitigate your risk. A good, strong and unique password, multi-factor authentication, and an up-to-date and regularly scanning anti-virus alongside a regularly updated computer will help keep you and your data safe. Be careful what links you click on and websites you go to, as 1 in every 13 web requests leads to some sort of malware. Ensure only those who need access have access, and maybe take some time out to review your privacy and security policies, or use this opportunity to start creating them.

Don’t be overwhelmed. You all have enough on your plate right now! Just start with one thing, and you’re already on your way to being more cyber fit!