Shield yourself from cyber-attacks in times of covid-193 min read . Updated: 13 Apr 2020, 01:30 PM IST
- Online criminals are trying to exploit the current circumstances but here is what can be done to keep them at bay
Today, business leaders, C-suites and their teams face a dilemma of sorts in continuing business as usual amid the ongoing health safety concerns around covid-19. That said, the outbreak has created an unprecedented situation, which the world is today addressing in multiple ways. Technology has thus emerged as a key enabler in these times for enterprises, organisations and individuals alike to operate remotely. Though technology today has aided us to continue working in some way, it has also amplified risk. Organised cybercriminal groups are using some of the technology platforms to exploit the fear, uncertainty and doubt brought on by the situation.
So, what kind of cyber-attacks, threats and risks are we talking about?
As countries the world over get into lockdown mode and citizens work from home, cyber-security has come to become a growing issue. To this effect, there has been a rapid increase in attacks launched by cybercriminals. These attacks have been in multiple forms, ranging from ransomware attacks, remote access network attacks, spear-phishing attacks, through launch of fake mobile apps to setting up of websites with capabilities to deploy malware.
The world over, there has been a massive buildup of infrastructure by cybercriminals to lure targets and collect credentials and other sensitive information. The attackers have been proactive in launching cyber-attacks with incidents emerging as early as day one or two of the lockdown of sorts in certain countries globally.
As mentioned earlier, the attacks are coming in multiple forms. Just to give an example, an organisation that recently scaled up its remote connectivity environment to enable employees to work from home found itself to be under a ransomware attack on the very first day. This was not a mere coincidence but was due to heightened activities from the cyber attackers. Well-documented reports also suggest that malware is being injected into systems by logging on to websites that host specific information on covid-19. All visitors to these websites were exposed to malware, leading to the extraction of information from their systems.
Moreover, under the guise of providing relevant information on covid-19, there are mobile applications that are being disguised and can extract sensitive information from mobile phones, which are now being used to carry out financial transactions more than ever.
The shape and form of these attacks will keep on changing as the covid-19 outbreak progresses. There is, however, a crucial aspect that organisations and individuals alike will have to make a note of: cyber-attacks of such nature are launched in two circumstances. When a subject/domain is in significant demand and when the likelihood of the attack going through is high. Here are a few ways by which you can identify attackers’ giveaways when it comes to suspect emails.
a) Poor grammar, punctuation and spelling
b) Design and the appearance of the email isn’t what you would expect
c) It is not addressed to a name but uses terms such as ‘Dear colleague,’ ‘Dear friend’ or ‘Dear customer’
d) Includes a veiled threat or a false sense of urgency
e) Directly solicits personal or financial information.
So, how should these attacks be responded to?
These are testing times for organisations since information technology teams are under stress to meet the increased demands and simultaneously also manage the prospect of forthcoming cyber-attacks. While beefing up technology is important, creating awareness across the workforce is also imperative to overcome such attacks, coupled with specific advisories.
Important steps that organisations can take to reduce the ongoing risk include the following :
a) Raising awareness amongst teams, warning them of the heightened risk of COVID-19 themed phishing attacks
b) Providing continuous guidance to workers on how to ensure they remain secure. This could include instructions on avoiding connecting to unsecured/untrusted internet sources
c) All provided laptops being regularly updated with antivirus and security patches
d) Ensuring that multi-level authentication is enabled for remote working
e) Establishing a mechanism (helpline or online chat line) for advice or to report any security incident (including potential phishing)
f) Disabling USB drives to avoid the risk of malware, offering employees an alternative way of transferring data such as a collaboration tool
g) Back up being maintained for all critical systems along with anti-ransomware controls being deployed
h) Lastly, having a segregated environment can also enhance resilience to withstand cyber-attacks and enterprises should consider having alternative audio and video conferencing environments.
To sum up, covid-19 will drive significant changes to how organisations will come to operate and there may be a new ‘normal’ that may emerge as we overcome this crisis. It’s critical, however, that we ensure that our organisations in the meanwhile operate in a safe and secure manner.
Akhilesh Tuteja is co-leader, Global Cyber Security, KPMG International, and Atul Gupta is partner and head, IT Advisory; Cyber Security Leader, KPMG India.