Account takeover for employees, customers, and users has become a real issue since the COVID-19 outbreak. Here is why that is and what organizations can do about it.
Since its discovery in December 2019, the novel Coronavirus, Covid-19, has spread throughout the world and caused significant disruption. This disruption has taken many forms. Of course, the most serious consequence of the pandemic has been the loss of life and the economic impact. Measures such as social distancing and self-isolation are considered necessary. It’s because of this that some authorities and conscientious employers moved to home-working.
The way we work has fundamentally changed, at least for the time being. We are now witnessing remote working at levels never seen in the past. This shift towards home working has allowed many thousands of businesses to continue operating through these unprecedented and uncertain times. However, this shift has also created opportunities for nefarious individuals to exploit companies. Work-from-home threats are a pressing and real concern.
Cybersecurity experts and government officials have warned that companies transitioning to large scale remote working are at risk of cyberattacks, employee account takeover attacks, and customer account takeover attacks. Although remote working isn’t new, many companies only had limited home-working capabilities, if any. The best way to ensure protection from cyber attacks is to have an educated workforce, robust cybersecurity systems and tools, and a thorough implementation of policies. However, unprecedented times call for unprecedented measures. The coronavirus pandemic hit swiftly and as such many businesses were ill-prepared to make this switch to remote working. Companies acted quickly to make this switch to prioritize the safety of their employees and the wider community. Unfortunately, this type of rapid change does leave companies vulnerable to cyber-attacks
The following factors contribute to increased cyberattack threat:
Phishing scams preying on the fear and confusion surrounding coronavirus started as soon as the virus started hitting the headlines back in January. Since then, hackers have continued to refine their techniques to exploit this ongoing crisis. Hacking threats have been on the rise, with one security firm reporting a 15% increase in hacking threats each month since the outbreak started. On March 12 and 13, Brno University Hospital in the Czech Republic suffered a ransomware attack, forcing them to cancel operations and relocate patients to nearby hospitals.
There have been reports of thousands of new scam and malware sites being created daily. Emails are being sent to employees trying to trick them into downloading malicious software or handing over their credentials. For example:
Other emails have been circulating that pretend to detail information on a coronavirus vaccine. A Russian hacking group posing as Ukraine’s Center for Public Health was also found to be responsible for sending phishing emails to targets in Ukraine. Coronavirus ransomware attacks have also been documented. It appears that cybercriminals are targeting people in countries most severely affected by the virus, including Italy, China, and South Korea. The exact countries being targeted are expected to evolve as the situation advances.
Many businesses are operating under reduced capacity or with limited funds and as such, taking proactive cybersecurity measures in terms of new staff and costly dedicated software may be unfeasible right now. This does not mean you are powerless.
Try to stay up to date with the latest developments on coronavirus related cyber-attacks. Familiarize yourself with emerging attacks and educate your workforce over email. Tell employees what to look out for, and when they should notify the IT department. It may also be a good idea to communicate to your customers what communications they can expect from you, as well as some cybersecurity tips. Lastly, make sure your employees are not using exposed passwords.