Commentary: COVID-19 – as offices close, hackers work overtime
COVID-19 has triggered a perfect storm of panic, disruption, and widespread technological upheaval that constitutes the perfect breeding ground for cyberattacks, says Dathena’s Christopher Muffat.
SINGAPORE: They say crime never sleeps, and as the current coronavirus pandemic has shown, that’s doubly true for cybercrime.
While the world has been hunkering down and staying at home, hackers are busy sniffing out new opportunities and new vulnerabilities.
Some attacks that made headlines include hackers who created a malicious site mimicking the email system of the World Health Organization (WHO), and scam emails purporting to come from Prime Minister Lee Hsien Loong.
The unfortunate truth is that the pandemic has triggered a perfect storm of panic, disruption, and widespread technological upheaval that constitutes the perfect breeding ground for cyberattacks.
In fact, cybersecurity companies say they’ve seen attacks soar since the virus swept in and changed our working habits. US ransomware-recovery specialist MonsterCloud reported at the end of March an incredible 800 per cent uptick in calls for help.
Clearly, companies have plenty to deal with at the moment – but with so much at stake, this is one area where businesses can’t afford to take their eyes off the ball.
HACKERS LOVE DISRUPTION
Why should a pandemic spark an increase in cyberattacks? Well, in part it’s that hackers like to strike when organisations are most vulnerable.
Hospitals, for instance, are less likely to balk at paying ransoms to restore access to their servers if they’re grappling with overflowing ICUs.
Similarly, criminals may believe – probably correctly – that corporations grappling with economic turmoil or logistical crises will be just as easy to manipulate or extort.
A bigger reason, though, is that with countless employees shifting to remote work, there are a vast number of new vulnerabilities for hackers to exploit.
Remote workers are having to access corporate systems using mobile devices or home computers over which their employers may not have full control.
They may also be using unsecured Wi-Fi networks, accessing email via web portals instead of their usual desktop apps (portals which, as the WHO case shows, can be cloned and mimicked by attackers), or conducting business online or over the phone that they’d usually complete in person.
Even remote-working stalwarts such as Zoom can be vulnerable to disruption by online trolls, as Singapore educators learned to their cost this month. Such incidents highlight the risk of using unencrypted conferencing tools, and the importance of enabling all available security features on communication platforms.
Also troubling is the fact that the more time people spend online, the more likely they are to encounter malware and malicious websites. The workplace norms that ordinarily help steer people away from unsafe or inappropriate web browsing simply aren’t present when they’re working from home.
IT might still only be a phone call away, but with nobody looking over their shoulders or peering into their cubicles, remote workers are far more likely to click on unsafe links that they’d never visit while in the office.
THE HUMAN FACTOR
So how can you keep your organisation safe?
The technology you’re using will make a big difference. If your employees are using work-issued laptops or phones, then you’ll have more control over security issues.
Even if they aren’t, though, you can still introduce standardised security features such as VPNs, password managers, or two-factor authentication to minimise the risk of things going wrong.
Tech fixes can only take you so far, however. In virtually all cases, people are the weakest link in corporate security systems, and that will be especially true as stressed-out employees grapple with health issues, childcare concerns, economic worries, or simply the chaos of learning to do their jobs from their sofas instead of their desks.
This vulnerability means any effective cybersecurity strategy will need to focus less on technological solutions than on the human factor.
Cybercriminals have already unleashed a new wave of phishing attacks that prey on pandemic-related insecurities by appearing to offer official advice or help – from health tips that appear to originate from the WHO, to offers of assistance accessing government stimulus funding or tax relief.
Companies need to proactively warn employees to be on guard against such attacks, and ensure they know how to contact the IT team and report potential problems.
You’ll need to watch out for “shadow IT” too, because the rise in the number of people working from home will lead to employees improvising solutions to the challenges they’re facing. In many cases, they will wind up using their Office 365 or Gmail credentials to access cloud apps.
While the apps themselves are often harmless, they can increase your network’s total attack surface and potentially create new entry-points to private information that your cybersecurity team hasn’t planned for and isn’t actively monitoring.
Finally, you’ll need to pay close attention to how you’re protecting your company’s data and documents.
Are your remote workers able to download sensitive information from your organisation’s servers? What processes are in place to ensure that private or sensitive data is properly classified and handled correctly?
During a crisis, you need to assume that you’ll have multiple points of failure, both human and technological – and ensure that your organisation’s most sensitive information is properly guarded, even if hackers gain access to other parts of your network.
TIME TO GET SERIOUS
The bottom line is that cyberattacks are going to be a significant part of the new post-pandemic world that we all inhabit.
The US is looking to spend millions of dollars on cybersecurity programs as part of its pandemic response, while Singapore has set aside S$1 billion to build up the Government’s cybersecurity capabilities over the next three years.
That won’t come nearly soon enough, though, to help organisations as they wrestle with this new challenge.
During these difficult times, it’s more important than ever for organisations to take cybersecurity seriously, to be on guard against potential breaches, and to use every tool at their disposal to keep their data safe.
If cybercriminals aren’t sleeping, then businesses can’t afford to be caught napping either.
Christopher Muffat is the CEO and founder of Dathena, a Singapore-headquartered deep tech company providing AI-powered data privacy and security solutions.