Cyber Security Implications for Businesses During Covid-19

The increase in internet and mobile app adoption due to quarantine enforcement has also created an opportunity for cybercriminals who have increased their efforts in performing various cyberattacks. Since mid-march 2020, many companies have seen the rapid growth of infrastructure by cybercriminals used to launch COVID-19 themed spear-phishing attacks.

These attacks continue to underscore the impact of cyber risk on businesses today, particularly in the face of a pandemic. In this article, we will look at some of the attacks on the increase and what you can do to prevent them.

Some Of The Cyber Security and Business Risk On The Increase

1. Business Disruption

Data correlated across several threat intelligence platforms show that there has been an upward trend in attempted COVID-19 themed malware and spam campaigns.

There have been several fraudsters proposing to provide updates on COVID-19 spread, health updates, fake cures, leading to malware download and ransomware attacks. Some of these attacks, if successful, could lead to the unavailability of critical systems and data.

2. Fraud

COVID-19 themed spear-phishing (The act of sending an email that falsely claims to be from a legitimate organization. This is usually combined with a threat or request for information; for example, saying that an account will close, a balance is due, or information is missing from an account.

One of our previous clients had a lot of these over the past few months, and we were called in to circumvent the attacks. These attacks have lured customers and employees to fake websites seeking to collect customer banking details, credentials of critical systems such as Office 365.

There have been cases of impersonation of bank staff or staff of other top companies to lure unsuspecting customers into giving out sensitive information such as card details, one-time-passwords (OTP) to carry out fraudulent activities.

Fraud is also a key risk area, where a cyber attacker claims to be the CEO of the company and is under high time pressure to get a vital payment through.

3. Critical Data Breach

The remote working arrangement, which for many organizations is impromptu and never thoroughly planned, has increased the risk of loss of sensitive business and personal data.

How? The increase in the use of personal devices with limited or no security protection for business, inadequate awareness amongst staff, inadequate remote access security for critical systems has increased the occurrence of a breach of sensitive business data.

That, in turn, can lead to reputational damage as well as regulatory sanctions.

4. Third-Party Failures

As organizations worldwide adopt remote working arrangements, there is a widening of the attack surface due to third-party risk.

Many vendors providing support for critical services also have their employees provide support to clients from home, while some have to engage staff to perform services due to some employees’ unavailability.

The impact of third-party failures may lead to business disruptions, data breach, amongst others, if not properly managed.

What You Can Do About It

Having talked about all of the potential threats that could arise due to the activities of cyber theft. Here’s what you can do in response to those threats to reduce the risk to your organization, your customers, and your employees, particularly as you continue with remote working:

1. Raise awareness amongst your team, warning them of the heightened risk of COVID-19 themed phishing attacks.
2. Enhance your customers’ security awareness via email and text messages, providing tips on the safe use of your digital channels.
3. Share definitive sources of advice on how to stay safe and provide regular communications on the approach your organization is taking to the COVID-19 pandemic.
4. Make sure you set up strong passwords, and preferably two-factor authentication, for all remote access accounts.
5. Provide remote workers with straightforward guidance on how to use remote working solutions, including how to make sure they remain secure and tips on the identification of phishing.
6. Assess third-party risks of vendors who provide support for critical systems, digital interfaces, and channels.
7. Ensure that all provided laptops have up to date anti-virus and firewall software.
8. Run a helpline or online chat line which your staff and customers can easily access for advice or report any security concerns, including potential phishing.
9. Disable USB drives to avoid the risk of malware, offering employees an alternate way of transferring data such as a collaboration tool.
10. Ensure that your finance processes require finance teams to confirm any requests for large payments during the COVID-19 pandemic. This confirmation can help to guard against the increased risk of business email compromise and CEO frauds. Ideally, use a different channel such as phoning or texting to confirm an email request.
11. Ensure that you apply critical security patches and update firewalls and anti-virus software across your IT estate, including any laptops in use for remote working. You should expect organized crime groups to exploit any failures in the maintenance of IT systems during this pandemic.
12. Ensure that you back up all critical systems and validate the integrity of backups, ideally arranging for offline storage of backups regularly.

Don’t Wait Until The Attack Happens

It might be happening already without you knowing. Whether it has happened, is happening, or hasn’t happened, expect an increased risk of ransomware as the Covid-19 pandemic continues. Organized crime groups will continue to exploit COVID-19 with themed phishing.

Here are the key questions to answer:

• Have you assessed the cyber posture of new and existing systems being exposed for remote access?
• Can the current security incident monitoring mechanism support your organization in case of an increased attack on critical platforms?
• Have you identified single points of failure in the security architecture, and how do you plan to manage any resulting incident?
• Are you confident that your current cybersecurity awareness sufficiently and effectively covers your employees, third-party, and customers?

If you have any questions or would like additional advice, drop your questions or concerns in the comments or reach out to us.