The unprecedented times we are living in continue to evolve. In a rare move, the U.S. Department of Homeland Security (DHS), the Cybersecurity and Infrastructure Security Agency (CISA), and the United Kingdom’s National Cyber Security Centre (NCSC) released a joint alert on growing cybersecurity threats that are directly related to the COVID-19 crisis. This important notification should not come as a surprise but certainly serves as a reminder of how precarious and dangerous the threat environment is during COVID-19.
Bad Actors Take Advantage of COVID-19
The situation that the world finds itself in has created the perfect storm for bad actors to take advantage of. Many factors play into this raised threat level, however one of the biggest factors is the millions of people now working remotely from their significantly less secure home networks using remote connection technologies that are being overwhelmed and have flaws of their own. Add to these millions of students ranging from elementary school to graduate level also working remotely. The pool of easy targets for attackers has grown exponentially.
While tens of millions more people are working in less secure environments and more easily breached networks, many criminals that make their living with physical crimes are turning to remote ways to maintain their income. Add to this the tens of millions of people who have lost their jobs in the last month and some percentage of those people may be desperate enough to turn to criminal activity to make ends meet. Meaning there is, potentially, a quickly growing criminal population that, as a whole, is shifting their focus to remote theft and other computer-based crimes.
Phishing is a Popular Tactic and Increasing During COVID-19
The alert from DHS, CISA, and NCSC confirms that these circumstances have in fact led to a significant uptick in attacks. In particular attacks that use the COVID-19 crisis as bait to entice victims to click malicious links, open phishing emails, and respond to fraudulent messages. The alert itself has a list of specific threats and campaigns that have been seen. This list includes phishing, ransomware, SMShing, vishing, and exploitation of the remote working infrastructure that in many cases was hastily constructed. Google has said there was a 350% increase in phishing websites in March alone and KnowBe4 reports a 667% increase in attempted phishing attacks for March and notes that healthcare continues to be one of the most targeted industries.
Creating Awareness Is the First Step
To mitigate these threats there is an abundance of technical and non-technical actions that can be taken, and these are outlined in detail in the original alert. In addition, the most important step that can help to mitigate these elevated threats is to ensure that all users are aware of the threat. Awareness training has always been a crucial part of the corporate security toolkit, but in a time where the vast majority of employees are working remotely the importance of appropriate, regular and effective awareness training has never been more pronounced.