The COVID-19 pandemic re-shaped pretty much every industry on the planet, and cyber security was no different. With most of the world stuck at home online, new cyber threats emerged during 2020 and 2021, forcing the cyber security industry to pivot rapidly.
New businesses were transitioning to digital, employees were suddenly working at home with far fewer cyber protections, and countries around the world reported a spike in phishing and online attacks: Switzerland clocked 350 cyber-attacks in April 2020, compared to around 150 the year before; by July 2020, City of London police were reporting GBP 11 million had been lost due to COVID-19 scams. In Australia, a cybercrime is now reported every eight minutes, as criminals and scammers take advantage of more people working from home.
So what new threats have arisen during COVID, and how can we avoid them in the future?
Phishing scams occur when cybercriminals impersonate legitimate businesses in an attempt to obtain personal information. Unfortunately, studies show that 47% of individuals fall for phishing attacks while working from home. Even worse, according to Deloitte, the average cost of a data breach resulting from remote work can be up to $137,000. When COVID broke in March 2020, phishing scams multiplied around the world, with many criminals impersonating government agencies to obtain personal login information. These scams took the form of emails, automated text messages, and even offers of rapid antigen tests (RATs). ACM has compiled a list of current scams at scamwatch.gov.au and cyber.gov.au.
As always, the best defense against phishing is vigilance and common sense: don’t reply to texts or emails from unknown sources, change your passwords often, and limit the amount of personal information you share on social media.
2. Video conferencing
When remote work exploded in 2020, the rapid shift to video conferencing software left many users vulnerable.
According to Deloitte, between February and May 2020 more than half a million people were affected by breaches in which personal login data for video conferencing services was stolen and sold on the dark web. A tool called ‘OpenBullet’ was the main culprit, allowing hackers during the pandemic to experiment with credential stuffing techniques to breach multiple accounts and compromise business activity. In early 2020, the FBI even released a warning about teleconferencing and online classrooms being ‘hijacked’. Considering the sheer size of the digital shift – Zoom alone, for example, recorded 200 million users in March 2020, compared to 10 million the year before – a rise in cyber-attacks was probably inevitable.
To stay safe when conferencing, you should use take basic precautions: encrypt your home WIFI connection, change the default passwords for your router and network, and use secure, encrypted video conferencing tools wherever possible.
Ransomware attacks rocketed 148% in March 2020, according to VMware Carbon Black threat researchers, with many of the new threats targeting industries thrown into chaos by the pandemic: health services, medical facilities, supply chains and so on. COVID saw traditional scattergun ransomware trends become much more focussed, targeted at specific systems and industries, including government, banking and manufacturing.
Cloud storage also came under threat, as companies rapidly transitioned their business activities to the cloud, occasionally without understanding the inherent security complexities. Misconfigurations in cloud security led to threat actor group TeamTNT compromising almost 50,000 IP addresses in the US and China last year, as well as stealing metadata from cloud service providers. Good cyber hygiene is obviously crucial to prevent ransomware attacks, as is hiring qualified cyber experts to configure your cloud security settings. Two-factor authentication has also proven effective in reducing the likelihood of an attack.
4. Bring your own device
Because of the speed of the remote work transition in 2020, many small and medium enterprises were caught out with a ‘Bring Your Own Device’ (BYOD) policy, rather than a Corporate Owned Personally Enabled (COPE) approach. This meant that many employees were using their own personal laptops for work; laptops which were either not adequately protected, or using outdated, overlapping software. It also meant that an organisation’s entire cyber network now often hinged on the encryption strength of the average user’s home WIFI router. This obviously made several organisations extremely vulnerable.
According to cybersecurity company Darktrace, the proportion of attacks targeting home workers increased from 12% of malicious email traffic before the UK’s first lockdown to more than 60% just six weeks later. In August 2020, Malwarebytes surveyed 200 IT and cyber security professionals and found that, since the start of the pandemic, remote workers caused a security breach in 20% of organisations. The solution? Well, office connections will generally be more secure than home ones, but if you must work from home, using a company laptop with consistent (and up-to-date) cyber software is a good first step.
Want to learn more about Cyber Security for yourself or for your business? Check out our suite of Cyber Security courses here