Don’t Fall Victim to COVID-19 Cyberattacks

April 7th, 2020
Don’t Fall Victim to COVID-19 Cyberattacks

Blogimg

Protect Your Technology Investment against Covid-19 Cyberattacks

The Coronavirus has sieged the globe, sending a third of the world's population into lockdown and plummeting markets. Now, it's attacking victims online too!

Cybersecurity should be paramount during this pandemic. No matter how small or large; new or established—every organisation is a target!

COVID-19 Poses a Threat in both the Physical and Digital Realms

Opportunist cybercriminals have been quick use Covid-19 to their advantage. Leveraging fears and the myriad of misinformation surrounding the pandemic.

As early as March 13th, cybersecurity experts said that the "spike in email scams linked to coronavirus is the worst they have seen in years," as reported by the BBC.

Industries such as aerospace, transport, manufacturing, hospitality, healthcare and insurance were among the first in the phishing crusade crosshairs.

Examples of Phishing and Malware campaigns include:

  • A Covid-19 conspiracy, reporting a "vaccine cover-up". The link leads to a webpage requesting login details. Unsuspecting victims create a fictitious account and literally input their sensitive information up for Cybercriminals.
  • Benevolent Tax Relief. Mimecast flagged this UK-based scam a few weeks ago. An email supposedly from the UK government says taxpayers are due a refund as relief during the crisis. An "access your funds now" link leads to a fake webpage asking for tax and financial information.
  • WHO is this really from? The World Health Organisation (WHO) freely publishes information on its public website. Yet, imposter emails claimed to hold exclusive virus prevention measures in an attachment. When opened, the attachment "infects computers with malicious software called AgentTesla Keylogger…This records every keystroke and sends it to the attackers, a tactic that allows them to monitor their victims' every move online." Says Proofpoint

Hundreds of more scams are doing the rounds and not only via email. Social media messaging apps are unwittingly playing their part in the surge.

Here's why they are working. Search volumes around this topic are soaring. Hackers know how to appeal to you. New information about the virus is released daily, so it's hard to tell what is or isn't fake news, meaning you don't know what to trust.

Limit Your Business' Digital Exposure

As the American Cybersecurity and Infrastructure Security Agency (CISA) says: "Exercise caution in handling any email with a COVID-19-related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19."

If you're not expecting it, INSPECT it.

There is a noticeable increase in Covid-19 related email traffic. Notices from health and life insurers, news from your investment brokers. Even hardware stores have turned to mass-mailing to stay top-of-mind!

The trouble is that cybercriminals are creative and will find any means to syphon your—and your customers'—personal identifying information. Be scrupulous. Question everything.

Here's Where You Should Tighten Cybersecurity

Perimeter Protection

Network security is your first-line defence. It's no different to the way you secure your premises. High walls, electric fencing and a guard, prevents intruders from entering.
You'll need:

  • Firewalls
  • Intrusion Detection and Preventions Systems
  • Spam protection

Impregnable Intranet

Now, what if the intruder circumvents your access control and gets inside? This is where bars, bolts and passives safeguard your house's access points. In this instance: securing your endpoint devices.

Be sure to:

  • Run software updates and perform patches regularly
  • Implement a robust data backup process
  • Install anti-malware software
  • Bolster your physical security

Human Error Elimination

Our people are our greatest assets…but, they are most often the cause of the biggest breaches. Computers don't click links—people do. Your company relies on your personnel's' ability to discern between the good, the bad and the downright phishy.

Education eliminates liabilities:

  • Roll-out comprehensive security awareness training. Ensuring that the following topics are covered.
    • Malicious Software (Malware)
    • Public Hotpots post-lockdown
    • File-sharing best practices
    • Social engineering
  • Enforce password policies
  • Run security tests and simulations

Let the Best in the Biz Get Your Back

Technology changes at twice the speed of light—as do security threats. For this reason, small- or medium-sized businesses must strengthen security measures and protect their data.

Trying to make sense of the numerous security solutions available on the market is impossible for untrained workers. Our Managed Cybersecurity Services provides 24/7 protection, on-going employee awareness training and all the checks and balances in-between.

Safeguard business-critical data before it's too late!