From impersonating calls on video conferencing platforms to phishing emails sent in the name of seeking aid for covid relief, cyber attacks continue to flare up amid the ongoing pandemic.
Recent reports have showed a significant increase in some of these incidents in the past few weeks.
Check Point has reported a 30% increase in coronavirus-related cyberattacks every week over the last three weeks. A total of 192,000 in incidents were detected.
Almost 20,000 new coronavirus-related domains were registered during the same period and 17% of these were found to be malicious or suspicious.
Many of these campaigns are trying to impersonate calls from widely used conferencing platforms like Zoom, Microsoft Teams and Google Meet.
Zoom has had its share of privacy issues, which they have addressed by enhancing security protocol. However, these new features are applicable for genuine Zoom calls. As per Check Point, use of fake Zoom domains for phishing activity has increased during the pandemic.
Just to be sure, in the last 3 weeks, around 2,500 new Zoom-related domains were registered and 1.5% of these domains were found to be malicious while 13% looked suspicious.
Phishing emails sent in the name of WHO and United Nations continue to be very popular with attackers.
PWC has also reported an increase in brute force attacks across their clients’ systems in India during Q1 2020. Between 15 and 19 March 2020, unique brute force attempts increased by about 300% over the median.
Further, Kaspersky has found a three times increase in distributed denial-of-service (DDOS) attacks on educational platforms and government websites in Q1 2020 as compared to a year ago. It can be attributed to the fact that many schools and universities have started providing online lessons to students.
"Outage of internet services can be especially challenging for businesses now, because this is often the only way to make goods and services available to their customers.
In addition, widespread adoption of remote working opens new vectors for those responsible for carrying out DDoS attacks," said Alexey Kiselev, business development manager, Kaspersky DDoS Protection team.
DDOS attacks target websites and online services by overloading them with more traffic than what their web server or network can handle. This disrupts the services of a website temporarily.
"Previously most attacks were conducted against the public-facing resources of companies. We now see that DDoS attacks target internal infrastructure elements, for example, corporate VPN gateways or email servers," added Kiselev.
Organisations security posture is also being tested heavily by ransomware attacks. In March alone, Carbon Black recorded a 148% increase in ransomwares compared to baseline levels from February 2020.
The fear of touching cash has pushed use of digital payment platforms. According to an ACI worldwide and YouGov survey, 75% out of the 1000 Indians who were interviewed, have made digital payment at least once a week and 44% have used them almost daily in April.
About 31% of these individuals were victims of card or digital payments fraud or know someone who was involved in one in the last few months. Nearly 17% of them had come across these frauds in the last month.
"The material makeshift of a fraud hasn't changed because of covid-19. What is happening is that there are a lot of traditional users who were not using online payments are now using them," said Kaushik Roy, vice president and country leader- South Asia, ACI Worldwide.