Coronavirus: Cyber Attacks Peaking
Posted 05/05/2020 by growe
Cybercriminals are exploiting the spread of COVID-19 and fraud and cybercrime have both seen a significant increase, particularly bank attacks which have spiked by 38% since the pandemic hit us.
On Tuesday 5th of May Foreign Secretary Dominic Raab warned the nation of the criminal gangs that are exploiting the coronavirus crisis for fraud. Stating that, “we have clear evidence now that these criminal gangs are actively targeting national and international organisations” and that the attacks “tend to be designed to steal bulk personal data, intellectual property and wider information”.
These criminals have been quick to take advantage of the international fear and vulnerability of the public by using lures with a Coronavirus theme to trigger a response from people they target. The National Cyber Security Centre has described how criminals have spread malware via emails claiming to contain important updates about Coronavirus, and attempts have also been made to scam unsuspecting users to gather sensitive information by phishing passwords.
The World Health Organisation (WHO) warned of fraudulent emails sent by criminals posing as them and spreading phishing ‘clickbait’ links through email and social media. The sites following on from the link imitated as the World Health Organisation, using the same logo, layout, designs, etc, making it considerably difficult to distinguish.
The techniques exploiting the pandemic online have been predominantly done through phishing scam emails with “important updates” and malware infested site links, these have been seen in several countries and have led to the loss of both money and sensitive data.
In response to threats and the increase of cybercrime the NCSC has taken steps to discover and take down malicious sites exploiting the COVID-19 outbreak. Due to the uncertainty of the current situation you may now be more tempted than ever to click on a link claiming to contain important updates about COVID-19 and because of this these scams will catch many people off guard. The NCSC recommends that the public follows existing advice on how to spot and deal with suspicious emails and how to protect against malware threats such as ransomware.
If you receive an email you believe to be suspicious you can report this to the NCSC by forwarding it to firstname.lastname@example.org
Additionally, Mimecast Threat Intelligence reported that the company’s email security systems prevented delivery of nearly 24 million suspected coronavirus phishing emails in the week leading up to March 23 and has since identified more than a dozen indicators for prominent COVID-19 phishing attacks and warned of the following subject lines for email phishing scams.
- “CORONA Virus Update on our Premises ID”
- “Coronavirus Sensitive Matter”
- “COVID-19 update”
- “COVID info #”
- “Covid_19 medical support”
- “COVID_19 Designated Free Testing Centres in your Locality”
- “COVID_19 alert id”
As most workers are now using their own devices, we believe that email security is currently the most urgent method in protecting your business as the attackers exploiting this pandemic are predominantly striking through phishing scam emails. Complicating the problem is the fact that email communications have increased, so if a cybercriminal gets into the network they could find out a lot more about business operations than they potentially could have previously.
An effective email security software should protect against all internal and external email threats and safeguard your business against anti-virus/ anti-spam, email continuity, email security (impersonation protection, detailed attachment scanning) and email archiving. Find out more about how razorblue can help you with this here.
The rapid shift to remote working from businesses has also led to security standards being relaxed, and cybercriminals are taking advantage of the gates being open.
Anyone working remotely needs to access corporate services and applications, from the outside world. Many businesses were not well prepared for this switch and had to make knee-jerk adjustments, including allowing their workforce to access corporate resources from home PC’s with potentially inadequate protection in place. Others have not yet rolled out MFA (Multi Factor Authentication) meaning their corporate resources and sensitive data are much more exposed to unauthorised access.
It is important to not just present out your internal applications/ services if their configuration would pose a risk of data leakage. For example, if copy/ paste between virtual applications and local devices is permitted, that environment should not be presented externally.
Instead, a separate environment should be created which bars functionality.
There is more than one element to securing your network, and no single product can ensure full protection. The most effective and secure protection includes:
- Next Generation Firewalls
These give you visibility, control and protection of the traffic flowing through your network, even if it is encrypted.
Using a number of efficacious anti-virus products, will provide your business with leading protection against evolving cyber threats and viruses that are aiming to hack into your organisations confidential data.
- Email Security
Installing an effective email security software will provide protection against all external and email threats, and as phishing scams are one of the most successful forms of hacking, this is essential. This will safeguard the business against anti-virus/ anti-spam, email continuity, email security (impersonation protection, detailed attachment scanning) and email archiving.
If you have any concerns over the security of your business during these times, please do not hesitate to get in touch.