Cyber security has always been a hot topic for industry professionals, but the Covid-19 pandemic has catapulted the topic into the limelight, with the media, businesses, and the general public alike, showing an interest and concern around the matter.
According to a recent PrivSec report, not long after the start of worldwide lockdowns back in March, there were over 300,000 Google searches relating to the topic of cyber-security.
That’s because the Covid-19 pandemic has created a world where cybercriminals can thrive.
Where businesses across the globe have had no choice but to enforce remote working and rely on their staff to adhere to security protocols beyond the office environment.
COVID-19 & CYBER SECURITY
No one could have predicted the scale of the Covid-19 crisis and it was therefore impossible to plan for. As such, its impact has also been off the scale in all business areas, but especially when it comes to cyber security. In fact, ReedSmith reported that cyber-attacks increased by 400% during March, meaning the Covid-19 pandemic has become the largest-ever cybersecurity threat to date.
That’s because cybercriminals prey on human emotions like uncertainty, worry and fear, all of which have been heightened by the unprecedented Covid-19 pandemic. And this crisis has been fortuitus for the attackers who have benefitted from the rapidly changing situation and consequent rushed response from businesses trying to adapt to stay afloat.
A spokesperson from Proofpoint, said “the cumulative volume of coronavirus-related email lures now represents the greatest collection of attack types united by a single theme that our team has seen in years, if not ever.”
The truth is, the bombardment of communication around the pandemic has become a breeding ground for cyber criminals. And they’re using the influx of remote workers, an increased reliance on technology and the heightened anxiety that Covid-19 has created as an opportunity to launch highly sophisticated and successful attacks.
1. INCREASE IN REMOTE WORKING
One way Covid-19 has forced a cyber-security hype is through a never-seen-before increase in remote working. A nationwide home working enforcement saw businesses of all sizes shut their office doors and shift to their makeshift home offices.
A lot of companies were not prepared for this shift and hastily put measures in place as a quick fix to ensure they could continue to operate. But doing this has meant a lot of companies failed to enforce sufficient security measures, providing vulnerabilities within their network, leaving data unprotected, and staff exposed.
Cybercriminals quickly latched onto this vulnerability, highlighted by a 63% increase in cyber-attacks since the start of the pandemic.
This has been done by bombarding remote workers with attacks designed to exploit vulnerabilities such as delayed updates to email and web filters, unsecured endpoints, poorly protected VPN connections and social engineering of isolated employees.
Businesses must review their remote working approach if they want to make this a permanent fixture.
Do this to ensure systems, data and staff are protected from attacks and to plug any vulnerabilities related to a rushed initial response.
2. RELIANCE ON TECHNOLOGY
As more businesses implemented remote working, their reliance on technology to communicate, collaborate and operate also skyrocketed.
Whilst this has pushed organisations to embrace digital transformation with open arms, it has also meant businesses are more likely to be impacted by a loss of service should things go wrong.
Everything we do from a business perspective moved online or through the cloud in a matter of days. Applications like Zoom, Microsoft Teams and Skype, all of which were an option pre-Covid-19, suddenly became a necessity. Access to business-critical systems, data and day-to-day operations became accessible remotely and the use of cloud technology boomed overnight!
Yet this heavy reliance on technology means criminals can launch attacks that take advantage of technology that is out of date, poorly patched or insufficiently protected.
Risk worth taking?
This now poses a serious risk because cyber criminals design these attacks to deny access to devices, data or the internet.
This could be devastating for businesses who may experience lengthy downtime, business disruption and loss of revenue as a result, at a time that’s tough for businesses to stay afloat.
3. opportunistic threats
Cybercriminals are, by nature, cold-hearted and ruthless individuals. No matter the event, they will always seek to exploit human vulnerabilities to get what they want.
Unfortunately, the fear and uncertainty generated because of the Covid-19 pandemic has heighted this, becoming a breeding ground for these types of criminals.
And recently, the coronavirus theme has become a basis for phishing attacks and inspiration for bogus websites and fraudulent activity.
The bad guys have been relentless in their efforts, preying on the increase of remote working which has isolated employees to launch a record-breaking number of phishing attacks.
Back in April, just 2 months into the worldwide lockdown, Google blocked a whopping 18 million suspicious phishing attempts a day related to Covid-19.
Why Covid-19 has made this worse
Criminals know that employees working remotely are more vulnerable, and therefore more susceptible to social engineering attacks. Phishing attacks have become more sophisticated, with many using legitimate content, relevant themes, and fear evoking tactics to trick end-users, meaning determining the legitimacy of Covid-19 communication is much harder.
Action Fraud reported that as of July 2020, those that had fallen victim to Covid-19 scams had lost just over £11 million pounds! And for some businesses, it’s not just financial loss that causes severe implications. The impact of cyber attacks can be far more devastating including loss of consumer trust and reputational damage that is difficult to build, but easy to lose.
CYBER SECURITY POST COVID-19
According to a number of cyber security experts, there are still a few positives to take from Covid-19. It’s accelerated digital transformation at a rate thought impossible, and in some cases, by up to five years!
Now, businesses must now prepare for the future and what that looks like. Allocate time and budget to ensuring your cyber security strategy works to protect your business, data, and staff in a way that freely embraces new technology, cloud infrastructure and flexible working.
Not sure where to start? PCS can help.
CYBER SECURITY ADVICE FROM INDUSTRY EXPERTS
The impact of Covid-19 on cyber security is something that all businesses can learn from. Get in touch with our team of experts who can support you to review your current cyber security set-up and suggest ways to be better protected and prepared going forward.
Call us on 0333 150 6780, email or fill out the contact form below and a member of the team will be in touch.