The COVID-19 pandemic continues to disrupt the world’s global health, economic, political, and social systems. As lockdowns have been enforced in many countries to contain the virus, we are left with no choice but to stay at home and rely on the internet to keep updated. Companies, firms, employees, and consumers are increasingly relying on home networks, virtual workspaces, videoconferencing, and other forms of remote work practices to continue with their jobs.
However, our increased reliance on digital tools has paved the way for the continuous rise of cyberattacks. Recently, many international organizations have issued warnings that cybercriminals are ramping up attempts to exploit individuals and corporate networks during the pandemic. One of the most affected is the world’s healthcare systems, which have continuously become target to different kinds of attacks, from computer-borne viruses to malware.
Cybersecurity is Growing Everyday
Even beforethe coronavirus pandemic, many countries had been dealing with cyberattacks. One study revealed that a hacker attacks a computer ever 39 seconds, affecting 1 in 3 Americans annually. They don’t just target ordinary people but also companies and small businesses. Previous reports showed that 64% of companies have experienced web-based attacks; 62% experienced phishing and social engineering attacks, 59% of companies experienced malicious code and botnets, and 51% experienced denial of service attacks.
Statistics from Cybint Solutions, a global cyber education company, reported that the average distributed denial-of-service (DDoS) attack grew to more than 26Gbps, increasing in size by 500%. A survey conducted by Dell revealed that 63% of companies said their data was potentially compromised within the last twelve months due to a hardware- or silicon-level security breach. In 2019, Kaspersky’s web antivirus platform identified more than 24.6 million "unique malicious objects,” an increase of 14% from 2018.
The risk of cyberattacks will only grow more in the next few years as the number of connected devices across the world increases. As more people and business infrastructure get connected, Juniper Research data suggests that cybercrime will cost businesses $150 million this year. Experts also said that approximately $6 trillion is expected to be spent globally on cybersecurity by 2021. Ginni Rometty, IBM’s chairman, president and CEO, said: “Cybercrime is the greatest threat to every company in the world.”
Rise of Cyberattacks During Coronavirus Pandemic
As the COVID-19 pandemic continues to threaten many countries, cybercriminal organizations are getting more ruthless and persistent than they have ever been. According to JD Supra, a daily source of legal intelligence on all topics business and personal, cybersecurity professionals detected an uptick in cyberattacks on the private sector in the first quarter of 2020. The attacks were driven by traditional business email compromise and a prevalence of novel ransomware kits propagated through so-called banking trojans. Hackers use tools to encrypt local servers of a victim company, aiming to extort them to provide the decryption key. After a few weeks, they again extort the company threatening to release or sell sensitive data that they had exfiltrated.
Recent reports have also revealed that many cybercriminals attack healthcare systems using computer viruses and malicious emails with embedded ransomware and malware. These are designed to disrupt healthcare operations and deny access to vital EHR systems and ancillary systems. These attacks are only a few examples of how cybercriminals see this pandemic as an opportunity. Since the crisis started, cybersecurity experts have been reporting a rise in cybercrime, especially phishing and ransomware attacks.
For cybercriminals, the COVID-19 crisis is a good time, especially when people’s fear and uncertainty are heightened. They can easily manipulate online users to make mistakes. A recent global cyberattack, for instance, targeted people looking for visuals of the spread of COVID-19. The malware was concealed in a map that displayed coronavirus statistics. Viewers were asked to download and run a malicious application that compromised the computer, allowing hackers to access stored passwords.
This recent cyberattack showed that cybercriminals are extremely creative in devising new ways to exploit users and technology to access passwords, networks, and data. According to the World Economic Forum, an independent international organization committed to improving the state of the world by engaging business, political, academic, and other leaders of society to shape global, regional, and industry agendas, 98% of cyberattacks deploy social engineering methods. They often capitalize on popular topics and trends to tempt users into unsafe online behavior.
Since more people spend their time online, the chances of them becoming victims of cyberattacks are higher. For instance, users could fall for “free” access to obscure websites or pirated shows, opening the door to likely malware and attacks. Experts also said that this pandemic is the perfect time for cybercriminals to launch their attacks due to the increased risks. New potential risks include less-reliable internet connections, social engineering attacks against employees and their families, and honest mistakes made in unfamiliar workflows.
Last March, an international group of nearly 400 volunteers with expertise in cybersecurity was formed to tackle what experts believe to be unprecedented levels of phishing due to the COVID-19 pandemic. The group, which is called COVID-19 CTI League, prioritizes working to combat hacks against medical facilities and other frontline responders to the pandemic.
“I’ve never seen this volume of phishing. I am literally seeing phishing messages in every language known to man,” Marc Rogers, head of security at the long-running hacking conference Def Con and a vice president at security company Okta Inc., said.
Rogers said that they have already dismantled one campaign that used a software vulnerability to spread malicious software. The law enforcement also helped fight these cyberattacks. “I have never seen this level of cooperation. I hope it continues afterward, because it’s a beautiful thing to see,” he said.
Experts say that online users should be vigilant when checking emails, especially from external sources. They should be cautious when handling emails with subject lines, attachments, or hyperlinks referencing the coronavirus. Users also need to practice cyber hygiene when visiting social media sites such as not clicking on “COVID-19 news and dashboards” on third-party websites. These sites could be malicious with real web-links to steal your credentials or launch an embedded malware attack.
Additionally, employees working online must understand the importance of simple, preventive measures they can take every day. This includes not providing account details to an unknown source. It’s also important that companies train their employees to fend off potential cyberattacks and know how to report a compromise.