In the midst of a global pandemic, there are those who put their lives on the line, working long hours in emergency rooms and long-term care homes to help others. Then there are those who prey on people’s anxieties and profit from uncertainty.
During natural catastrophes, political upheaval and, yes, even global pandemics, cyber criminals are busier than ever. And since the start of COVID-19, we’ve seen a rather dramatic increase in ransomware, phishing scams and other cyber attacks.
These were concerns in our pre-pandemic world. But new vulnerabilities — including home-based workforces using corporate devices over unsecured Wi-Fi they share with the rest of the family — have left some big gaps in security.
And there’s no signs of this slowing down. On Sept, 27, Universal Health Services — a major hospital and healthcare network with more than 400 facilities in the U.S. and U.K., suffered a ransomware attack that took down networks around the U.S., forcing hospitals to divert ambulances and reroute patients to other facilities. And that’s just one of many cyber attacks in recent months.
Cyber attacks surge during COVID
“Despite never losing their importance philosophically, cybersecurity had fallen off my list of critical tech trends last year, but with the pandemic, cybersecurity has become very relevant again,” writes Daniel Newman, principal analyst of Futurum Research, in Forbes.
Stats reported in Fintech News cite a 600 per cent increase in cyber attacks on cloud servers from January to April. Ransomware attacks rose 148 per cent in March and attacks targeting home workers rose five-fold in the six weeks following lockdowns.
IBM’s Security X-Force Incident Response reports that, as of September, one in four attacks it has remediated this year have been caused by ransomware (with a surge of attacks in June). Ransom demands are also increasing exponentially, with the figure passing $40 million in some cases.
It also reports a shift in targets, with cyber criminals going after manufacturing, professional services and government organizations, as well as schools and universities. Perhaps even more concerning is that they’re shifting to “blended extortion-ransomware attacks — where threat actors steal sensitive company information before encrypting it,” according to IBM.
New security considerations
That means there are new considerations when it comes to securing your operations and workforce. Indeed, there’s evidence that remote working significantly increases the risk of a successful ransomware attack, according to David Ferbrache, global head of cyber futures with KPMG in the U.K., in a recent insight.
“This increase is due to a combination of weaker controls on home IT and a higher likelihood of users clicking on COVID-19 themed ransomware lure emails given levels of anxiety,” he says. Such lures include so-called information about vaccines, financial assistance and even downloads of technology solutions or updates to enterprise apps.
“With fewer employees working onsite on the same secure network, it is imperative that companies shore up their networks and upgrade their cybersecurity strategies, and expand them to home networks and mobile work-from-home devices,” says Futurum’s Newman.
These new and evolving threats, like blended extortion-ransomware attacks, mean that organizations can’t afford to let their guard down — despite the fact they have a lot of other distractions right now.
Preparing staff for cyber attacks
As IT pros know, security requires a multi-pronged approach, from putting the right technologies in place to making sure your data is properly backed up and staff are educated on the threats. But with so many employees working from home, employee education is perhaps more important than ever.
“The security function, compliance team, and internal audit team may be described as the first, second and third lines of defense. Still, users will always be on the front line — education and awareness matters,” says Ferbrache in the KPMG insight.
“Help staff spot COVID-19 email attachments and website links that could contain ransomware, by showing typical attack examples and providing tips on recognizing lures,” he says.
Also, make sure employees know what to do if their device is compromised. If their corporate laptop is hit with ransomware while they’re working from home, they should know who to call and what to do with their device.
Futurum’s Newman believes that AI and machine learning will be a key part of the solution, since an increase in “attempted nefarious activities require more sophisticated tools and algorithms to fish out.”
While still in its infancy, another approach is “confidential computing,” which encrypts the entire computing process — not just the data. Google, Microsoft, IBM and others are developing new protocols via the Confidential Computing Consortium (individual players are also coming up with their own solutions). And we could start seeing mainstream solutions by next year.
With the move to remote workforces and cloud-based enterprise applications, organizations have their hands full trying to identify security gaps, mitigate risks and avoid cyber attacks. Unfortunately, the cyber criminals know this, too.