The U.S. Chamber of Commerce recently released a new report looking at the evolution of Cybersecurity threats during 2020, specifically during the COVID-19 pandemic. The pandemic has impacted businesses and individuals across every industry and geographic region. One of the significant areas affected is day-to-day work life. Remote work became the new normal for millions across the nation. Even as restrictions were cut back in recent months, remote work remained an option for many jobs. With the rise of remote work, cybersecurity threats have also evolved
COVID-19 has changed many aspects of our lives—working from home, virtual meetings and digital commerce are becoming our new normal—and there’s no reason to think that all of this will revert to the old normal once the pandemic wanes. Cybercriminals have taken advantage of this ‘new normal’ and have been exploiting cyber vulnerabilities among businesses. Here are some of the ways COVVID-19 has impacted Cyber Security according to the U.S. Chamber of Commerce.
New opportunities to take advantage of cyber vulnerabilities
This crisis has provided malicious cyber actors with opportunities to take advantage of cyber vulnerabilities on a new scale. For example, according to the multinational cybersecurity software company Trend Micro, there was a 260% increase in clickthroughs to malicious Uniform Resource Locators (URLs) related to COVID-19 from February to March 2020. Trend Micro also reports that the United States is the top location for spam and malware detections and users accessing malicious URLs. Google sees more than 240 million emails per day related to COVID-19 scams, and Trend Micro reports that 91.5% of malicious cyberattacks executed in the COVID-19 era were conducted through spam emails.
These malicious actors are preying on anxious consumers who are more susceptible to social engineering ploys and phishing emails claiming to have information on COVID-19 cures, treatments, vaccines, and government stimulus payments.
In other phishing cases, malicious actors impersonate senior executives and ask junior employees for help with financial transactions. These business email compromise cases are not new to the COVID-19 period, but the frequency for these cyber-enabled crimes has significantly increased. Additionally, the average ransom demand has increased from $800k in Q4 of 2019 to $1.3 million in Q1 of 2020, according to Trend Micro.
The remote working environment
Cybercriminals have increased their attacks on remote login services due to the transition to a remote working environment. Trend Micro reports that over 1.2 million attempts were made to compromise remote login services, with 89% of these attacks being executed through brute force.
Federal law enforcement officials have taken note of these trends and are working on handling them. Michael D’Ambrosio, assistant director of the U.S. Secret Service and head of its Office of Investigations, commented that the COVID-19 pandemic “provides criminals opportunities on a scale likely to dwarf anything seen before.” He added that significant targets include companies involved in the financial services and healthcare services industries that often are the target of malicious ransomware designed to take down entire systems. He sees an exponential increase in phishing, spearphishing, and fraud attempts, further complicating defensive measures.
Continued focus on the same targeted industries as before the pandemic
Many of the cyber espionage, cybercrime, and even information operations campaigns have focused on the same targeted industries and regions as before the pandemic. They have not demonstrated any new or particularly sophisticated tactics. According to reporting in The Wall Street Journal, the top three areas that were ransomware targets in the first three months of 2020 were professional services, healthcare, and the public sector. However, organizations in industries related to COVID-19 response and relief efforts—such as healthcare, pharmaceutical, and research entities—may face threats due to their work nature. Over the past several months, several U.S. and foreign government agencies, including the U.S. Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the National Counterintelligence and Security Center, have spotlighted the threat to healthcare, research, and pharmaceutical organizations. Additionally, the shift to remote work that many organizations have undergone may result in new security challenges and risks or exacerbate existing ones.
An increase in cyberattacks linked to the pandemic
to Trend Micro, in the first quarter of this year, there were nearly 1 million spam messages sent, 48,000 hits on malicious URLs, and 737 pieces of malware detected—all tailored with content relevant to COVID-19. Often, these attacks prey on people’s emotions or simply their desire to learn about the pandemic.
This is especially true in phishing (fraudulent email or website scams) attacks, which take advantage of short attention spans and seek to build trust quickly with the recipient.
Adapting to a new virtual working environment
The virtual environment has introduced other unique challenges, including increased phishing, spearphishing, and malware attacks. Cyber actors have been using existing malware and infrastructure and are creating new lures to breach networks and access proprietary data. Businesses must deal with uneven security knowledge among their employees, many of whom work remotely for the first time and are not familiar with remote work security procedures. This can lead to information leakage, cyber-enabled fraud, or disinformation spread through error or inattention. The expanded threat surface also provides additional vectors for malicious cyber actors to leverage the virtual working environment for their illicit purposes. Set forth below is a deeper dive into the six recommendations outlined earlier in this report regarding better secure virtual working environments.
The recent outbreak of the Coronavirus is changing the business world, and companies and individuals need to be prepared. Reviewing your cyber security processes and services during this time is critical.
The cyber security experts at Lazarus Alliance have deep knowledge of the cyber security field, are continually monitoring the latest information security threats, and are committed to protecting organizations of all sizes from security breaches.
Lazarus Alliance is proactive cyber security®. Call 1-888-896-7580 to discuss your organization’s cyber security needs and find out how we can help your organization adhere to cyber security regulations, maintain compliance, and secure your systems.