Cybersecurity and coronavirus: Cyber threats are on the rise

As most security and government sources had predicted, distributing workforces in the time of coronavirus has provided cyber criminals with many new threat opportunities. The growing number of threat vectors, or business entry points for cyber-crime, has increased exponentially as businesses converted mass numbers of centralized workers to remote workers early this year. The list of traditional vectors for cybercrime, including email (phishing and attachments) web applications, mobile malware, network and remote access, is now expanded via the use of malicious coronavirus-themed URLs. Clicks to these malicious sites are facilitated by remote workers seeking pandemic news while on the corporate network. Cyber Talk recently reported that “over 4,000 coronavirus-related domains [are] registered globally” and goes on to assert that 50% of new coronavirus domains are more likely than other domains to be malicious. It is an unfortunate offshoot of this global cyber-crime push that sometimes the most essential industries are targeted. Microsoft issued a recent threat intelligence warning to healthcare organizations that they have been tracking REvil, a fileblocking ransomware, used in 2019 for infrastructure attacks, used today for healthcare VPN attacks. No one needs to be reminded of the terrible implications that ransomware in the healthcare system provides.

New Threats Target the Most Critical Businesses

The developing coronavirus “infodemic” has reached such proportions that both the World Health Organization (WHO) and United Nations have published information regarding recent coronavirus related cyber-attacks and tips on prevention. Illustrating the value of a crisis situation to cybercriminals, the WHO was targeted by a failed global phishing campaign that provided a malware-laden coronavirus E-book. Tedros Adhanom Ghebreyesus, Director-General of the World Health Organization is quoted as saying “We’re not just fighting an epidemic; we’re fighting an infodemic,” referring to fake news that “spreads faster and more easily than this virus.” It is not surprising then that ZDNet has reported an opportunistic increase in malware, phishing and other forms of attacks used by perpetrators of state sponsored espionage and hacking. Even the FBI has posted details of “cyber-actors” taking advantage of the increased use of virtual environments. It is important to remember these reports are all related to new threat vectors piled atop the already pervasive pre-pandemic cyber-threats; vigilant security monitoring and immediate reinforcement and education on security policy are critical activities for every business.

What can Businesses Do to Minimize Threats?

As was written about in the recent blog: Network Security in the Time of Novel Coronavirus there are many activities required to minimize threats with a focus on the remote worker including:

• Review, update and distribute corporate policies for security, public vs private access and communications, protection of company assets, BYOD, and “common sense” procedures to prevent threat introduction. Special focus should be paid to newly minted remote workers.
• Consider setting up a group policy that includes application control, software restriction, and pop-up blockers.
• Assure antivirus, endpoint protection, security software, plugins, and operating systems are patched and updated to the latest versions.
• Restrict administrator access on user workstations and configure firewalls to limit ports to only those required by the business. If possible, segregate the user network into multiple zones to limit potential infection
• Update (and upgrade if necessary) intrusion detection, intrusion prevention, and security systems. Today’s business network requires a highly dynamic security perimeter influenced by digitally mobile users as well as public, private, and hybrid cloud usage.
• Assure multiple levels of backup, including at least one offsite, to protect data integrity. Consider Managed Cloud Backup for its automated and secure offsite features that improve risk mitigation.
• Have a well-integrated and updated disaster recovery plan. Consider Disaster Recovery as a Service (DRaaS) as a primary or backup DR resource.

­If you’re looking to protect your organization against malware and other cyber-attacks, Otava can help. Otava understands the strain on both resources and finance in this time of considerable business challenges. To that end, Otava is offering free or reduced cost cloud products and support services. (Additional information here.) Consider our secure, compliant hybrid cloud solutions managed by a team of experts trained in the latest security best practices. Call 877-740-5028 or contact us to learn more.

Related Articles

How to avoid spear phishing bait: In the war against cybercriminals, we’ve learned to block messages from people we don’t know and avoid emails that have an excessive amount of capital letters, exclamation points and bad spelling. But what if the email is from someone you know, with their email address, a normal-sounding subject line, and a reference to the new car you bought last month

Ransomware preparedness with cloud solutions: According to a recent IDC survey, about 50 percent of organizations said they could not survive a disaster event, with 91 percent of respondents experiencing a tech-related business disruption in the past two years. Most organizations are already using cloud technology for their everyday business activities, but consider how it can help you prepare for a ransomware attack before it hits.

Disaster Recovery and business continuity in the remote workforce environment: In the decades-long evolution of the remote worker, policy, data protection, security and compliance all kept pace with the rollout of users and applications. Today, there is a new and onerous dimension added to this evolution, the mass and immediate deployments of multitudes of new home workers due to the current global pandemic.