Three months in: the cybersecurity and COVID-19 relationship
Since the COVID-19 pandemic began, related cyber-attacks have emerged and multiplied. Almost every industry has been affected, but non-profit, manufacturing and retail have seen the most attacks. In a report provided exclusively to Forbes last month, major security firm Mimecast examined the first 100 days of the crisis, its effect on cybercrime and the patterns that have been unfolding.
Types of cybercrime
Forbes contributor Emma Woollacott quotes the Mimecast report, which identified that between January and March spam and opportunistic detections increased by 26.3%, while impersonation was up 30.3%, malware by 35.16% and the blocking of URL clicks by 55.8%. Overall, detections were up by a third. “Criminals have been matching their scams to the news, with detections rocketing, for example, during the week that saw the first reports of COVID-19 infections in the UK, Italy and Spain.”
The Mimecast report also revealed that towards the end of March, when the UK and Australia first went into lockdown, a spoof WHO ‘Safety COVID-19 awareness’ email did the rounds, and it was much more sophisticated than previous cyberattacks.
Cyber criminals are also taking advantage of impersonation opportunities and exploiting the rise in remote working. Woollacott quotes Carl Wearn, head of e-crime at Mimecast: “Some of the increase undoubtedly reflects the increased opportunity presented by current circumstances, with isolated employees and the potential lack of suitably robust verification processes, which threat actors will hope to heavily exploit under the present lockdown measures.”
The list of industries most affected by COVID-19-related cybercrime is worrying yet unsurprising. Prominent charities have been subject to website spoofing in recent weeks, and two other key industries have been hit hard. Wearn told Forbes that “by volume, it’s primarily the retail and manufacturing sectors that are being hit most, almost certainly because they are the key verticals still in full swing or even taking on more employees at this time, and of course key to every nation’s response and subsequent recovery at present”.
Businesses in many industries and sectors have reduced or furloughed part of or all of their workforces, leaving them less vulnerable to cybercrime; but the sudden move to remote working means that even those businesses with reduced operations are still at risk. “Many companies had to rush to implement a work from home process with staff that had never had any cyber security awareness training,” says Wearn.
The target focus is shifting, however, as the pandemic develops. In the last two weeks, Mimecast detected a spike in attacks on healthcare organisations, with malicious actors seeking to exfiltrate research data on developing vaccines and medicines. Attackers are also shifting focus to target employees across a broad range of sectors who are returning to work and to offices. “Several attacks use phishing emails, claiming to provide information about new pandemic-related office policies, with the goal of installing malware or stealing credentials”.
Keeping your business secure
The rise of sophisticated cyber threats means businesses should be cautious as they navigate the coming months. “It is important to be vigilant when communicating with third parties and suppliers, as there may well be an increase in the range of businesses folding in the coming months, and criminals may seek to exploit a company’s previous clients or customers,” says Wearn.
Businesses should ensure that they have the appropriate measures in place to maintain high levels of security, as well as ensuring that their employees are trained in the best possible way and aware of the types of attack.