SINGAPORE (Apr 8): As the global Covid-19 pandemic rages on, cyber criminals are preying on public concerns about the Covid-19 pandemic and unprecedented changes to workplace practices to ramp up their attacks.
A survey of 411 IT and security experts from organisations with more than 500 employees commissioned by cybersecurity firm Check Point Software Technologies found that 71% of respondents reported an increase in security threats or attacks since the outbreak of the virus. The most prevalent of these were phishing attempts (cited by 55% of respondents), disinformation from malicious websites (32%) and increases in malware (28%).
These findings follow an earlier study by the firm which found that Covid-19-related websites are 50% more likely to be malicious than other domains registered since the beginning of this year. The number of new domains registered online has exploded tenfold since the end of February 2020, with 0.8% of these domains found to be malicious and 19% to be suspicious in nature.
In particular, the firm discovered hackers targeting unsuspecting users by offering them fake “once-in-a-lifetime” Covid-19 deals for premium goods concealing malware within. Hackers have even taken to the dark web to provide special offers on hacking equipment and services using “COVID-19” or “coronavirus” as a discount code, increasing the likelihood of cyber attacks occurring.
Said Rafi Kretchmer, head of product marketing at Check Point: “The Coronavirus pandemic has created a perfect storm of a global news event together with dramatic changes in working practices and the technologies used by organisations. This has meant a significant increase in the attack surface of many organisations, which is compromising their security postures.”
Worse, the widespread introduction of remote working measures has also left firms more vulnerable to IT security threats. The study found that 95% of experts surveyed have reported additional security threats arising from work from home measures.
The most common difficulties faced were providing secure remote access for employees (56%) and scaling up existing cybersecurity solutions for remote access (55%). Experts were also worried about employees using Shadow IT solutions while working from home, with 47% highlighting the threat that untested software, tools and services can pose to organisations.
The speed with which the pandemic is playing out has 61% of respondents worried about the potential security risks they might incur while making the rapid changes to their organisation’s remote working systems. Respondents were also uncertain about whether their existing remote access security systems would hold up in the coming months (55%) as well as the challenges they would face in scaling up end-point security (49%).
“To ensure security and business continuity in this rapidly evolving situation, organisations need to protect themselves with a holistic, end-to-end security architecture. This means ensuring accessible and relatable connections between corporate networks and remote devices 24/7, promoting collaboration and productivity between teams, networks and offices, and deploying robust protection against advanced threats and cybercrime techniques at all points on the enterprise network fabric,” advised Kretchmer.
Check Point advises users to be cautious with emails and files from unknown sources, particularly those offering lucrative discounts on purchases and to only order goods from authentic sources by visiting their website directly. Users should also be cautious about opening unknown attachments or links in emails.
“Remember that as well as washing your hands regularly, it’s important to keep up your cyber-hygiene, too,” the firm warned.
