As though companies didn’t have enough to deal with during the chaos of the COVID-19 pandemic, hackers are now using the global confusion as a cover for their schemes. With the increases in information appetites, hackers (both political and criminal) quickly pounced on the trend and created exploits perfectly suited to defraud individuals and organizations.
Cybersecurity firms have kept a close eye on developments and continue to report back frequently about the increases in phishing scams and malware exploits. By A
pril 15 of 2020, the Federal Trade Commission (FTC) received more than 18,000 reports of COVID-19 related scams, leading to more than $13.4 million in financial losses. For companies to survive the storm, it’ll be essential to ensure everyone knows the latest risks, and they implement the necessary protections to keep information safe during the pandemic.
Rise in Cybercrime and Malware Infections during COVID-19
According to analysts, the current coronavirus pandemic provides the perfect opportunity for a hacking attempt to exploit an information system. The pandemic required many workers to shelter in place and work from home. Remote work increases an organization’s attack surface and puts IT departments under pressure, but there’s also a physiological element to the increased number of cyberattacks.
As people become more concerned about their health and environment, they’ll be more prone to clicking on a malicious link. Phishing attempts have become sophisticated attacks that target individuals or organizations with highly specific communications. Even the most adept IT professional can fall prey to a sophisticated phishing attack.
Types of Cyberattacks Companies and Individuals Should Expect
Since the start of the pandemic, hackers have deployed sophisticated attacks to defraud the public. The first attacks used malicious domains that copied information from legitimate COVID-19 sites but used this opportunity to install a virus or malware on a device.
Additional attack types reported includes:
● Tax and rebate phishing scams requesting personal information about organizations and individuals.
● Scams that used stimulus packages and applications to defraud organizations.
● Domains hosting malware, relating to the COVID-19 pandemic, are being deployed more via digital efforts.
● Offers and requests for Personal Protective Equipment (PPE) are fraudulent.
Protecting Your Organization against COVID-19 Scams
Improving the company’s cybersecurity remains a priority during normal operations, but with the increased panic and anxiety of the pandemic increases the risks. As staff may be working remotely and using their own devices, it already adds a burden to the company’s information security systems.
To secure the company’s networks and prevent an attack from succeeding, the organization needs to understand the risks involved. Increased vigilance from employees, network security staff, and executives can help companies to reduce the likelihood of a hacker compromising their system using a COVID-19 related cyberattack. Here’s what companies should do to protect themselves.
1. Inform all Staff of the Increased Risk
Staff should know that any message relating to the COVID-19 pandemic is suspect. If they didn’t sign-up for a newsletter or file an application and receive a message from a government agency, they should never open the email or click on any link it contains. Instead, staff should forward these emails and communications to the IT department and report all suspicious messages to network professionals.
2. Improve the Home Office Network Security
For staff that is working from home, use information security policies to secure the company’s networks. Although organizations won’t be able to deploy enterprise-grade security on all employee networks, whenever staff access company information also ensure they use secure connections like a Virtual Private Network (VPN).
3. Separate Work and Personal Devices Where Possible
Wherever the company can, they’ll need to issue staff with dedicated work devices and enforce policies that help their IT department keep equipment secure. IT technicians need to remove administrative permissions from devices, deploy endpoint antivirus software, and prevent employees from using devices for personal reasons with security policies.
4. Secure Information with Disaster Recovery Solutions
Even with the best cybersecurity in place, hackers may still find a way to penetrate the network. To ensure the company can recover from an attack, they’ll need a disaster recovery solution to backup all information and encrypt it while at rest. If a ransomware attack succeeds, it will limit the damage the company suffers and enable them to recover without having to pay an exorbitant ransom for their information.
How Blue Technologies and Managed IT Services Can Help
Managed IT Services is the shortest route available for organizations to improve cybersecurity while keeping employees productive during challenging times. With Blue Technologies, the company can improve its network security and gain access to IT professionals that can help prevent a cyberattack from succeeding. Our experts will work with the organization to understand its unique attack surface, develop an integrated cybersecurity solution, and help improve its IT security.
To protect your organization against COVID-19 phishing and malware attacks, apply Managed IT Services solutions from Blue Technologies to improve your cybersecurity today.