The world is becoming digital, unfortunately much faster as we isolate ourselves on our computers at home sheltering from the COVID-19 virus. As we work remote on our home on secured portals, devices, and personal Wi-Fi, we have become more vulnerable to cybercrime. Microsoft had estimated that by 2020 over 4 billion people will be online, many in remote work environments. That number is far, far larger because of the consequences of the COVID-19 virus.
According to Barracuda networks, the number of coronavirus COVID-19-related email attacks has increased by 667 per cent since the end of February. And between March 1 and March 23, Barracuda researchers detected 467,825 spear phishing email attacks, and 9,116 of those detections were related to COVID-19.
As we become more and more connected, the more visible and vulnerable we become to those who want to hack our accounts and steal our identities. The surface threat landscape has expanded exponentially with smartphones, wearables, and the Internet of Things. Moreover, those mobile devices, social media applications, laptops & notebooks are not easy to secure.
The reason for the increased rate of cybercrime is clear. With all the targets available it is a truly a hacker’s world. A Clark School study at the University of Maryland quantified the near-constant rate of hacker attacks of computers with Internet access—every 39 seconds on average.
The means for hackers is varied across the levels of sophistication and depending upon the actors, some related to organized crime groups, or even nation states. Phishing is one preferred way of gaining access to personal data. It usually done by employing a fake website which is designed to look almost like the actual website. The idea of this attack is to trick the user into entering their username and password into the fake login form which serves the purpose of stealing the identity of the victim. Hackers can easily mimic known brand websites, banks, and even people you may know.
In the last few weeks, many internet users have been bombarded by messages that appear to come from the Centers for Disease Control and Prevention (CDC), the World Health Organization (WHO) and other COVID-19-related organizations. They are actually phishing attacks. DHA and the FBI have put out warnings to be aware of targeted phishing Covid-19 related email messaging directing people to potentially malicious websites.
Another growing method of hackers to reap havoc has been the growing trend of Ransomware. That is used by hackers to hold computers and even entire networks hostage for electronic cash payments. Ransomware has been around for more than a decade, but attacks have exploded in the past few years. Hospitals, businesses, and educational institutions have been seeing a rise in cyber-attacks with ransomware, botnets and malware because of their more distributed and less protected networks.
Because of their relative lack of cybersecurity, health care facilities and hospitals have been targeted by cybercrime. Recently ransomware took down the website of the Champaign-Urbana Public Health District in Illinois, USA. NRC Health, a company that supplies software to healthcare organizations was also hit by a ransomware attack. The US Department of Health and Human Services (HHS) has reported multiple hacking incidents since Covid-19 became a pandemic.
Perhaps the biggest challenge of both connectivity and vulnerability with be with the evolving Internet of Things (IoT). Estimates vary on the expansiveness of IoT. Intel believes that up to 200 billion IoT devices will need securing by this year. The number of devices may come down to how sensors are defined in IoT. In any event, there will be a lot of connected devices providing a massive attack surface with a multitude of opportunities for cyber breaching and penetrating accounts.
There are actions that can enable companies and remote workers to help deter the threats of cybercrime.
Below is a quick checklist list of what you can to help protect your accounts, privacy, and reputation:
Using a Personal Computer: If you are using your own computer for work, be sure to keep all company information confidential and out of reach of others in the household. Make sure you have antivirus installed.
Designate a Space for Work: If you are working from home and others are also working from home, try to find a space away from others in the household. Be sure to find a quiet space in use headphones whenever possible we are on work meetings.
Follow Company Policies: During work hours and when handling work related matters at a remote location, be sure you are following all company policies regarding confidentiality, proper use, ethics, and business conduct.
Children in the Remote Space: If you have children, they must not access your personal computer while you are working. When not working close all browsers and make sure work materials are not accessible.
Always Communicate: It is beneficial if you can supplement email or text communication with frequent face-to-face and voice interactions depending on what type of discussion you are having.
Web-based Meetings: When attending meetings via web conferencing, be sure no one can view your screen, hear the conversation, and that you are using proper Internet security controls while discussing work related matters.
Please download and share this graphic: