Bad actors are always a threat to your enterprise’s devices and data security. They attack IT systems in order to gain sensitive information, spread malware and ransomware, and gain access to your accounts.
The routes bad actors take to attack your IT systems are always evolving, especially during a crisis.
Bad actors and COVID-19
According to the United States Department of Homeland Security Cybersecurity and Infrastructure Security Agency, cyber threats have increased because of the novel coronavirus in two main ways:
- Bad actors are using people’s desire to learn the latest COVID-19 news as a way to trick and trap them with phishing schemes and malware.
- Cybercriminals are targeting potentially vulnerable services that businesses use for teleworking, such as VPNs and video conferencing platforms.
These cyberthreats typically populate via email, SMS messages, and app-based messaging services in link or download format. When the victim clicks on the link or downloads the file or app, their device is either infected with malware or ransomware, or the hacker captures their sensitive data.
Bad actors may also create a false login webpage or email address to impersonate a reliable source, website, or popular person. The spoof looks very similar to the real entity in an effort to gain trust and collect user credentials or other sensitive information.
How bad actors behave is generally the same during the coronavirus pandemic as it was beforehand, but their attack volume has increased due to new opportunities, which means more users and data are being exploited during this vulnerable time.
How bad actors exploit users
Cybercriminals are upping their game during the COVID-19 crisis because they see the opportunities expand while business operations are done from home with less security and little planning. This is largely due to the increase of personnel accessing private networks for work while using VPNs without firewalls or intrusion detection systems. These escalated scenarios make your data at risk of exploitation by cybersecurity adversaries.
A common tactic bad actors are using is to title the email or attachment with COVID-19-related phrases, especially as it relates to financial inquiries specifically pertaining to stimulus money, as well as outbreak cases identified in the victim’s city. This tactic catches the victim’s attention and preys on their potential financial and health concerns.
How to defend against these attacks
Even though we are in the middle of this crisis, there are still ways you can defend your data and users against cyber attacks. To protect your enterprise from bad actors exploiting the crisis, practice these defensive actions:
- Only use trusted sources concerning the COVID-19 pandemic, including the WHO and the CDC. Encourage your employees to do the same.
- Educate your employees about what suspicious emails look like.
- Improve your cybersecurity initiatives for teleworking situations and inform your employees about telework best practices to keep your network safe.
- Require passwords for video conferencing; do not make meetings public.
- Help employees identify suspicious email activity so you can respond quickly to incidents.
- Develop a plan to respond to phishing and other incidents so you can minimize the damage.
Are you concerned that your enterprise is vulnerable? Learn more about our Threat & Vulnerability Management services.