A View of COVID-19’s First Wave of Cybersecurity

COVID-19 changed the world in ways we never thought possible. While this pandemic hit us with new and seemingly insurmountable challenges, cybercriminals saw new opportunities to take advantage of.

Here are the difficulties we will continue to see, and some thoughts on how to mitigate the damage from these events.

The Rise in COVID-19 Related Phishing and Ransomware Attacks

Since the pandemic began, we have seen a 37% spike in ransomware, phishing, and malspam attacks. 

Cybercriminals are using COVID-19 to impersonate brands and health officials to mislead customers and employees. Since the world is in a state of panic, people are more likely to click on these malicious links, which will result in more infected computer systems and mobile devices.

Worse still, hospitals are now a popular target for criminals; they use ransomware to hold vital systems used to treat COVID-19 patients hostage until they pay the ransom.

Organizations need to take proactive steps to train their staff to be more cautious, especially when opening links, emails, and documents regarding COVID-19. Organizations should ensure their detection and alerting mechanisms are working correctly while almost their entire staff is working remotely.

Increased Vulnerabilities from Remote Working and Learning

Enterprise VPNs are now a critical lifeline to companies and schools; their security and availability will be a considerable focus.

However, using a VPN does not mean you are automatically secured. Misconfigured VPNs can lead to unintentionally exposing sensitive information and exposing devices to DDoS attacks.

Workers may use their personal computers to perform business tasks. If these devices aren’t correctly secured, they can open organizations to an enormous amount of risk.

Cyber-Attack Detection and Response Delays

Due to the pandemic, the effectiveness of security teams is impaired and making responding to threats far more difficult. Installing security patches may be a challenge if security teams are not present.

Organizations should evaluate their defenses and explore the idea of using external consultants for areas where key risks have been identified

Reduction in Physical Security

Some workers may be working from improperly secured connections, exposing your company’s sensitive data to cybercriminals through those employees.

Train your employees on the importance of securing their network connections using properly configured VPNs and other technologies that will help their data on their systems, and their connections, stay secure.

An Influx of Cyber Criminals

As companies are downsizing and laying employees off left and right, this situation leaves millions of people without a means to support themselves and their families. Some may go into cybercrime as a means to support their families.

Ensure your company has an exit plan in place for employees you can no longer keep on staff. Help them find a way to keep money flowing during this time of crisis.

Business Continuity Plans to Feature Global Pandemics

Quick, reactionary changes have introduced a high amount of risk to businesses at an unprecedented rate. Organizations are struggling to adapt to the changes going on around them, and they are vulnerable on every front.

With this crisis still waging on, companies need to revisit their continuity plans to maintain critical operations at an acceptable level. 

The world will never be like it was before this pandemic started. This pandemic has introduced us to a new normal that is here to stay. We must make sure that we can keep the data of our businesses and our customers safe during these trying times.