Updated: Apr 24, 2020
As the country’s focus has shifted to the health and wellbeing of residents and healthcare workers, cyber criminals shifted into overdrive, launching an increased number of attacks. Conference app Zoom, now being used by people to connect with friends, family, and co-workers, was the target of repeated hijackings, or “Zoom-bombing” events in which hackers gained access to private chats and broadcast inappropriate material to all participants.
At the same time, Maze ransomware attacks also increased. Maze attackers utilize multiple methods of intrusion to breach systems and encrypt data, which locks companies out of their systems and can halt business operations. However, there is an even more harmful risk in a Maze attack – the perpetrators also threaten to publicly release confidential and proprietary company information in order to extort a ransom payment.
With more employees working remotely those attacks are expected to continue to climb and companies should expect more phishing attempts and more exposure to potential system breach. Yet while phishing methods have not changed, the messages hackers are using to breach systems are echoing current events.
In some cases, the security community is fighting back. Several security experts from top IT companies have formed a COVID-19 CTI (Cyber Threat Intelligence) League, focused on countering any attempts by hackers to exploit the current pandemic. The group announced that in just a few weeks, over 100,000 domains had been registered that contained the terms “covid,” “virus,” or “corona.” And while many of the domains may be legitimate, the team suggests all should be treated with suspicion until verified.
That becomes critical as hackers ramp up efforts to gain access through phishing emails. One study of phishing email volume and COVID-19-related threats reveals that the current pandemic represents the “largest coalescing of cyber attack types around a single theme” possibly in history.
Now is the time for companies to communicate the heightened threat and the need for extra vigilance to employees.
Some phishing attempts to watch out for include:
Official-looking emails purportedly from the Centres for Disease Control or World Health Organization that contain links
Online offers suggesting either COVID-19 treatments or prevention tips and products
Emails asking for donations to local or national charities
Free downloads or attachments of COVID-19 guidelines
Top Tips for preventing breach
Fortunately, the same methods for preventing breach are ones that your company can apply right now to thwart the increased risks.
The best line of defence in any phishing attempt is your employees. Take steps to increase your employees’ education in both recognising and reporting phishing emails. We recommend the following vetting process:
Who is the sender? Check email addresses. Is the address recognizable? Is there a chance this email address has been spoofed?
Were you expecting an email from this person? When in doubt, call. Verify that the person listed actually sent the email.
Think before you click. When in doubt, don’t click on any links or attachments. Doing so could unleash malware.
Never download anything without verifying that it came from a legitimate source. If you can’t verify it, report it to the designated department.
Never share access, logins, financial data, or personal information.
Implement a two- or three-part verification system. Hackers have been known to spoof email addresses from managers, then request bank transfers. Have a process in place that requires two people within the company to verify by voice the request and require your financial institution to do so as well.
Avoid using emailed links as much as possible. Particularly with donation requests, hackers can obtain financial information by posing as a charity. Instead, go directly to the charity’s website and donate from there.
Keep software up-to-date
Even the basic practice of installing regular patches and updates can protect your systems from breach. Updates often contain fixes to security flaws and any bugs that could create open doors for hackers. Simply updating these programs regularly can strengthen your security.
Don’t be the easiest target
The easier your system is to breach, the less prepared your employees are against phishing scams, the more likely hackers will exploit these gaps in security. Making it more difficult for hackers to gain access means they are that much more likely to move on to easier targets.
Keep your security plan active. Require regular password changes. Get the buy-in of your entire organisation and make security part of the culture.
Even in the midst of a global crisis, cyber thieves will continue to operate and even increase their activities. Your company should be aware that hackers have shifted the message to capitalise on the pandemic and our thirst for information and advice.
While their methods have changed, the advice for thwarting thieves remains the same, and already recommended best practices can help protect your company’s systems.
No matter what the crisis, expect hackers to be ready to exploit it. By strengthening both your employees’ training and your system readiness, your company can strengthen its security posture and help decrease the chance of a breach.
The information and guidance in this newsletter has been supplied by Axa XL, an insurer partner of Northern Risk Solutions