> COVID and Cybersecurity
COVID and Cybersecurity
May 14th, 2020
The Novel Coronavirus has sparked changes in every facet of our lives ranging from our social practices to our medical care. While most of the focus has been on the medical and economic aspects of this pandemic, it is also important to be aware and vigilant of the cybersecurity vulnerabilities. Unfortunately, cybercriminals are taking advantage of the situation and exploiting the pandemic for data infringement and scams.
Both the Cybersecurity and Infrastructure Security Agency (CISA) and United Kingdom’s National Cyber Security Centre (NCSC) reported a growth of COVID-19 linked malicious cyber actors. These reported threats include phishing, malware distribution, reporting false information, and teleworking-related attacks. Be careful of social engineering attacks by verifying sources of information and validating the resources. Do not open suspicious or unknown files, this can cause a malware attack that is hidden in emails.
As always, follow best practices when online and in your email communications. Verify charities prior to donating, to ensure they are legitimate charitable organizations. Ensure that you are obtaining your COVID-19 updates and news from trustworthy and legitimate news sites. In addition to spreading false information, hackers are launching phishing and malware attacks linked to COVID-19 related correspondence.
Phishing attacks have primarily been found in emails with subject lines concerning COVID-19 updates, news, and emergency notifications. These emails include a link to a malicious website for users to click and fall victim to data theft. In addition to email correspondence, phishing attacks have also been found in the form of text messages via mobile or messaging apps with similar messages and links. Phishing attacks that contain file attachments may lead users to download and launch a malware or ransomware attack on their system compromising their workstation.
Due to the sudden increase in usage of teleworking, organizations must be careful and observant for security anomalies. Constantly monitor your VPN products for vulnerabilities and utilize secure, private communications platforms for meetings.
Overall, whether you are an organization or an individual, ensure that you are taking security precautions like utilizing a VPN and monitoring activity, having security features updated, enabling firewall and anti-malware software. Prevent massive repercussions of data loss by regularly backing up your data and important files, changing your passwords periodically/implementing multi-factor authentication, and periodically scanning for vulnerabilities on your system.