Be Prepared: Pandemic Creates Targets of Opportunity for Cybercriminals

Apr 10
Peter Cavicchia, Senior Vice President, Global General Services, Fiserv

Working remotely accelerates the need for powerful defense strategies

As it spreads rapidly around the world, COVID-19 has triggered a huge spike in coronavirus-themed cybercrimes. Considering just the volume of threats so far, the pandemic could become the largest cybercrime theme of all time.

It's happening against a backdrop of the long-term trend toward increasing reliance on digital technologies and services, and that trend has taken a large leap forward with stay-at-home orders. The COVID-19 threat landscape presents new vulnerabilities in addition to heightening existing areas of risk.

It's important that businesses meet the challenge head on by identifying new weak points, preparing for a potential uptick in attacks, and adapting protections for sensitive data and critical systems.

Cybercriminals have found new ways to exploit the opportunities arising from the sudden transition to remote work. They seek to take advantage of poorly protected residential connections and of employees who mix personal and business browsing, which leaves them more open to malware attacks.

Researchers say lures related to the new coronavirus comprise more than 80 percent of the threat landscape, including more than 500,000 different variations of emails, 300,000-plus malicious URLs and more than 200,000 malicious attachments. We can also expect to see a surge in threats related to the upcoming distribution of federal relief money.   

Maintaining Security: Remote Workers

Remote workers should ensure their home routers have strong, unique passwords and are running the latest firmware. If possible, they should use a dedicated workstation for all business activity.

If remote workers must use personal devices, IT staff should verify that antivirus software and any other available safeguards are installed and up to date. Remind employees to store business data only in designated secure locations. Warn them about the risks of online activities they might feel more comfortable engaging in at home than they would at the office. Accessing pirated content or visiting adult websites can expose them to malware and other attacks.

Use Virtual Private Networks

Virtual private networks (VPNs) are valuable tools for protecting business communications and data when working remotely, and there has naturally been a huge jump in VPN use due to COVID-19. However, it's critical to use a VPN solution that's a good fit for your company and, above all, trustworthy.

Many VPNs track and share users' data and browsing activity, making VPNs an additional security risk rather than a safeguard. Be aware of the limitations of VPNs. While they can provide a secure and encrypted connection between remote devices and corporate networks, a VPN breached through credential theft or a malware infection could give hackers direct access to those networks.

We're seeing a steep uptick in phishing scams and other weaponized email attacks that play on the fear and uncertainty surrounding COVID-19 to steal credentials and spread malware. Bad actors are posing as the World Health Organization and the Centers for Disease Control and Prevention, using fake government relief checks as bait and touting fake COVID-19 tracking apps.

Criminals are also targeting businesses with more specific attacks, such as fake IT help desk messages and internal corporate emails. Businesses should make sure all employees, as well as any susceptible consumers, are aware of those coronavirus-themed scams and the best practices to avoid falling victim to one. There are many types of lures used to deploy the same types of attack vectors – the means by which a hacker can gain access to a computer or network server – to exploit system vulnerabilities.

The Top Priorities

Some of the more important controls are: 

  • Using a secure email gateway system that includes inspection and sandboxing of incoming messages. Strong controls can prevent the majority of threats from making it to your end-user technology
  • Applying up-to-date and effective endpoint security to protect corporate networks when accessed through remote devices. Behavioral and signature-based systems should ensure incident response teams can remotely access, respond to, investigate and quarantine any threats that are not automatically handled by the endpoint's built-in functions
  • Relying on strong internet proxy monitoring and filtering of malicious sites with regularly updated intelligence. Blocking an endpoint from calling out to download malware or instructions from a ransomware threat is critical 
  • Using authenticated email. Make sure your clients can feel secure that an email sent by you is legitimate. Using Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) email protection helps prevent the delivery of malicious email messages to clients
  • Applying multifactor authentication. With rampant attempts to steal credentials and passwords through malware and phishing, a secondary factor of authentication is critical and can be the key measure in preventing single-account and large-scale compromise
  • Using encrypted data. Even if businesses can't prevent every unauthorized entry into their technology environments, they can make sure the data is unreadable to significantly reduce the effect of a network or database compromise
  • Relentlessly educating your workforce on threats and instituting a reporting mechanism to allow associates to report and send suspicious messages instantly to your security teams for review and action  
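
For the authenticated email control above, publishing SPF and DKIM records only helps if they are strict enough for receivers to act on. The following is an added example, not part of the original article: a small offline linter for the two record types. The function names, the `.example` hostnames and the sample records are constructed for illustration.

```python
import re

# Constructed sample TXT records; example names and addresses, not real domains.
WEAK_SPF = "v=spf1 include:_spf.mailvendor.example ip4:203.0.113.0/24 +all"
SOFT_SPF = "v=spf1 include:_spf.mailvendor.example ~all"
STRICT_SPF = "v=spf1 include:_spf.mailvendor.example ip4:203.0.113.0/24 -all"
REVOKED_DKIM = "v=DKIM1; k=rsa; p="
GOOD_DKIM = "v=DKIM1; k=rsa; p=Q09OU1RSVUNURURLRVk="  # placeholder, not a real key
# Terms that cost a DNS lookup; SPF evaluation allows at most 10 per check.
LOOKUP = re.compile(r"^[+\-~?]?(include:|exists:|a\b|mx\b|ptr\b)|^redirect=", re.I)

def audit_spf(record):
    """Return findings for one SPF TXT record; an empty list means strict."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return ["not an SPF record"]
    findings = []
    all_terms = [t for t in terms[1:] if re.fullmatch(r"[+\-~?]?all", t, re.I)]
    if not all_terms:
        if not any(t.lower().startswith("redirect=") for t in terms[1:]):
            findings.append("no 'all' term: unlisted senders get a neutral result")
    else:
        # A bare "all" has an implicit "+" qualifier.
        qualifier = all_terms[0][0] if all_terms[0][0] in "+-~?" else "+"
        notes = {"+": "+all: every sending host is authorised",
                 "?": "?all: neutral result, no protection",
                 "~": "~all: softfail, receivers may still deliver"}
        if qualifier in notes:
            findings.append(notes[qualifier])
    lookups = sum(1 for t in terms[1:] if LOOKUP.match(t))
    if lookups > 10:
        findings.append(f"{lookups} DNS-lookup terms exceed the limit of 10 (permerror)")
    return findings

def audit_dkim(record):
    """Return findings for one DKIM key record (TXT at <selector>._domainkey)."""
    tags = dict(
        (k.strip().lower(), v.strip())
        for k, _, v in (part.partition("=") for part in record.split(";"))
        if k.strip()
    )
    findings = []
    if "p" not in tags:
        findings.append("no p= tag: record is unusable")
    elif tags["p"] == "":
        findings.append("empty p=: key is revoked, signatures will fail")
    if "y" in tags.get("t", "").split(":"):
        findings.append("t=y: testing mode, failures are treated like unsigned mail")
    return findings
```

Feed the functions the TXT values your DNS zone actually publishes; only `STRICT_SPF` and `GOOD_DKIM` among the samples come back with no findings.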

IT Professionals Must Be Doubly Vigilant

While COVID-19 has forced many workers to pause or drastically alter their routines, IT and cybersecurity professionals must be doubly vigilant. The Cybersecurity and Infrastructure Security Agency's recent Guidance on the Essential Critical Infrastructure Workforce notes the "special responsibility" to continue working, and businesses should strive to give those professionals the support and resources they need in these tumultuous times.

Now more than ever, good cybersecurity must extend beyond conventional approaches. This more complex and perilous threat landscape makes big data tools and a data-centric defense strategy even more essential. With more work being done remotely, strong cyber and tech units with efficient and collaborative work environments may be more valuable.

Businesses will need to be proactive in finding the best cybersecurity professionals for their teams because talent may be in higher demand than ever before. But with the right priorities, practices and people in place, workforces will be able to securely connect, communicate and carry on.