Our day to day lives have drastically changed this year, as the world has worked overtime to ensure we keep our societies safe. Collectively, governments, businesses and the general public have been learning, developing, and responding to the crisis, as quickly, efficiently, and responsibly as possible. This is equally true for the cybersecurity industry, which has looked to step up as cyber criminals have attempted to take advantage of the current situation.
As we near the close of April, here are four things we’ve learnt about COVID-19 and cybersecurity in the last four months:
1. Cyberattacks have followed the development of the virus
COVID-19 related cyberattacks first appeared in Asia, then in Eastern Europe, and most recently in Western Europe, meaning the ecosystem of cyberattacks has very much followed that of the spread of COVID-19. Hackers across the globe have sought to prey upon public fear around the virus, as those affected seek to learn more and build a sense of individual control. As with all facets of cybersecurity, a huge part of the work we need to be doing is ensuring that institutions, organisations and individuals are not only aware of the threats they might face, but also equipped with the understanding of how to keep themselves safe.
2. The attacks are varied, often targeting our natural concerns
Motivated by a range of factors – from financial gain to espionage - the types of cyberattacks we have seen have been equally varied and complex. This includes decoys and malicious apps. Most of the new Android apps allowing users to follow the development of the virus around the world (e.g. CovidLock) are malicious, contain ransomware or asking users for banking details. Equally, roughly 50% of COVID-19-related domain names created globally since December are estimated to have been designed to inject malicious software. There has also been an increase in scam campaigns or Business Email Compromises (BEC), which don’t necessarily distribute malwares, but ask users to pay a sum of money, whether that’s to help pay for masks or to make a charitable donation. Meanwhile, major spam campaigns have also been launched, deploying ransomwares, stealers (data thief) or banking malware (e.g. TrickBot, Agent Tesla, etc.).
3. Many of these attacks target workers
The influx of cyber attacks has been exacerbated by the fact that as each region has responded to the epidemic, huge swathes of populations have turned to remote working, almost at a moment’s notice. At the best of times, remote working solutions often become a backdoor to a company’s IT system. This can be done when employees access the company network via the cloud on unknown devices or unsecured networks – known as Shadow IT.
4. Practical steps to take
With this in mind, the last four months have been a stark reminder that both preparation and precaution are key when building and enacting robust cybersecurity. Given that many workers are currently working at home, it’s key that, where possible, workers only use the company’s IT devices and VPNs, and do not download foreign apps or software. It is equally imperative that the platforms businesses use to transfer data are appropriately secure. Equally, employees can continue to do their part by ensuring their devices are regularly updated with the latest security software, and they are using complex passwords and multi-factor authentication.
Find out more about Thales’ response to COVID-19 and learn more about how cybersecurity has evolved in these uncertain times in our COVID-19 Cyber Threat Assessment Report, here.
New horizons in cybersecurity
You can read the interview with Gareth Williams, VP, Secure Communications and Information Systems UK at Thales by the French Chamber of Great Britain.
Find out more about Thales in Wales and how Thales are mobilised in the fight against COVID-19.
