Cybercriminals are actively searching for fresh and more effective ways of leveraging enterprise security vulnerabilities. Examples of payment fraud, malware, theft of intellectual property, corporate espionage, and disinformation campaigns have all been emerging over the past several months. These attacks come from two fronts: cyber gangs send out highly targeted emails that take advantage of uncertainty related to pandemics, while they simultaneously exploit new weaknesses in the infrastructure due to the recent rush to remote work.
Factors Adding To Increased Vulnerabilities
Increased cloud usage due to the pandemic has created a wider attack surface for cybercriminals. Compounding this, the rapid explosion of changes in technology has increased the burden on corporate IT, raising the possibility of misconfigurations of the network.
The fallout has been substantial. The use of malicious URLs increased by almost 60 percent during the third quarter of 2020. During the same time, instances of malware spiked by 36 percent; impersonation attacks increased by 30 percent, and spam increased by 26 percent, with the vast majority of these attacks occurring via email.
While remote work and the transition to the cloud are nothing new, in response to the pandemic, 40 percent of organizations across North America and EMEA have been reported to have accelerated their cloud migration initiatives. Also, 84 percent of organizations expect to continue their COVID-related work from home initiatives even after the end of the pandemic.
Aware of this, bad actors are focusing on manipulating the telework infrastructure of businesses, including established VPN vulnerabilities. In this chain, they are also targeting the weakest link: the users.
For people working from home, it is easy to get distracted. While email is usually the starting point for these attacks, secret malicious codes are disseminated using familiar tools such as LinkedIn, Dropbox, Word, and Google Docs.
Bad actors depend on tactics that catch the attention of their intended targets and manipulate their fears about COVID and related political events.
The new global landscape has created a rich array of resources for cybercriminals. That includes COVID-19, the presidential election in the United States, Brexit, economic problems, shifts in government policy, and more. These generate confusion that the threat actors try to exploit.
Phishing Attacks linked to COVID
Other phishing attacks related to COVID rely on impersonation. They attempt to make it seem as if the email originated with a member of the Microsoft team, a healthcare authority, or even the company’s CEO of the intended victim. They may even use topic lines that play on the curiosity of the receiver. Few recent examples are here:
- Click here for Coronavirus-related information
- Changes to corporate policy concerning COVID-19
- COVID-19 preparation guidance
Since these messages appear as if being sent from someone who the target knows or another trusted source, it increases the likelihood that the attack will succeed.
It is recommended that businesses start by surveying the cybersecurity tools, policies, and safeguards they currently have in place and undertaking a comprehensive gap review to better defend against these attacks. Other protections include the use of multi-layered data security platforms, regularly upgrading applications with the latest security updates, mandating multi-factor authentication to be used in the organization, conducting daily backups, enforcing a consistent and effective response plan, and carrying out continuous training and education for employees. This last move could be the most significant since employees don’t click on phishing emails once they become knowledgeable about them.
Conclusion Cybercriminals are using COVID-19, the sudden surge in work from home, and current political affairs to trick their targets into clicking on malware-downloading email links. This calls for greater business preparedness, including response plans, security software, and cybersecurity awareness training.