COVID-19: The outlook for cyber security so far

We are all affected by COVID-19, to varying degrees, no matter what industry we are in.  The following article will look at the direct impact the pandemic is having on the security industry.    

 

The number of fake COVID-19 related apps and sites will continue to rise as the public’s appetite for more and immediate information grows during these unprecedented times.

As the numbers of malicious apps grow, there will be even more targeted “campaigns” at specific business industries in both the public and private sectors, which in turn will increase ransomware cases.

We are still in what may be the infancy stages of this global pandemic and COVID-19 will change the face of how many businesses and whole industries operate. This, in turn, will have a direct impact on what security will look like in the future.

The potentially catastrophic effects this pandemic will have on our healthcare system, businesses and economy are widely documented, with even the most credible authorities putting ambiguous disclaimers on the final impact. Cyber security is by no way immune to the difficulties, as many of us are industry-aligned, however in these strange times, what we have seen so far can help us hypothesise what the future may hold….. 


….Hackers have no chill


Attacks, Phishing, Scareware, Scams, Ransomware, Viruses: The cases of COVID-19 motivated security threats are vast and still growing. A few snippets, if you will:   

Within the first few days of global acknowledgment of pandemic status, the Department of Justice raised court action against website operators of coronavirusmedicalkit.com who claimed to supply World Health Organisation approved and endorsed COVID-19 testing kits. In return, ‘customers’ could expect to have their payment card credentials stolen along with much of their personal data.    

Thousands of coronavirus related websites are created daily with domain names including “coronaprevention”, “coronavirusmapping” and of course “sendyourenemycoronavirus”.   

Another common trend: the hijacking of routers to infect users with information-stealing malware by redirecting users to fake coronavirus information apps.  

The disclosure of a large-scale (unsuccessful) APT attack on the World Health Organisation itself, at the start of March, serves as a stark reminder that no one or no organisation is off-limits.  

With cyber crime now more profitable than the global illegal drug trade, if there was any doubt that ‘where there is turmoil, there is an opportunist with good IT skills’, the following is a snapshot of the spike in phishing attacks in Italy from mid-Feb for 30 days.

Data courtesy of Cynet 

 

It’s not just hoax apps and phoney websites.  Vulnerabilities have been discovered on at least three official Covid-19 apps designed to track infection rates.  As well as tracking infection it turns out they have been harvesting citizen’s sensitive information.  Bear in mind these are government apps.

So how is Covid-19 likely to affect cyber security?

Initial consensus…. 

With the requirement to work from home, users and organisations are more vulnerable to attack by malicious opportunists. 

Organisations will need to make great efforts to ensure that their security awareness education programmes and campaigns are refreshed with emphasis on the risks associated with working from home.   

 

The number of fake COVID19 related apps and sites will continue to rise as the public’s appetite for more and immediate information grows during these unprecedented times.   

 

As the numbers of malicious apps grow, there will be even more targeted “campaigns” at specific business industries in both the public and private sectors, which in turn will increase ransomware cases.    

 

We are still in what may be the infancy stages of this global pandemic and COVID-19 will change the face of how many businesses and whole industries operate. This, in turn, will have a direct impact on what security will look like in the future. 

With this in mind, we can assume that the need for robust, flexible and efficient security protocols, will be greater than ever.  The current climate of confusion, uncertainty and fear is the ideal breeding ground for exploiters.  At a time when cost-cutting seems a prudent and logical step, prudence must be weighed with the risk associated with under funding security.  

If you want to discuss the security hiring market in more details or require information, reach out:

ob@bestmansolutions.com 44 (0)203 488 5035 

 

 

 

 

Other Posts...

Vacancy: Security Systems Engineer- (DevSecOps)

Vacancy: Security Systems Engineer- (DevSecOps)

3rd August 2020
Read More
BLACKHAT GUEST SPEAKER: Owanate Bestman

BLACKHAT GUEST SPEAKER: Owanate Bestman

30th July 2020
Read More
10 Free Cyber Security Training Courses

10 Free Cyber Security Training Courses

28th July 2020
Read More