Hackers and phishing scammers are trying to take advantage of the coronavirus disruption to hack into your network while you work from home. Telecommuting requires a different approach to cybersecurity than traditional models, and even in the best of times remote work requires a rethinking of security posture. Cybercriminals know that many are trying to adjust to new realities and are moving fast to exploit ignorance and fear around COVID-19 disruptions before their victims learn how to spot the signs.
Using COVID-19 as a Phishing Lure
Many federal cybersecurity agencies and private research teams have raised alarms about the emergence of phishing attacks leveraging coronavirus concerns. At least one firm claims that four out of five cyber scams exploited the virus in some shape or form as of April 2020. These ranged from simpler types of wire fraud schemes with bitcoin wallets to full-fledged malware campaigns that included thousands of malicious URLs and attached files.
Cybercriminals posed as distraught victims and individual healthcare workers needing additional funds, mask and sanitizer manufacturers and retailers, and even World Health Organization and CDC officials. Hackers have deployed all types of programs, from trojans to keyloggers, and March saw a surge of webpages being registered with mentions of coronavirus. Authorities suspect the latter are tied to illicit activities and are likely part of phishing domains.
A Whole New Ransomware Surge Mid-Pandemic
2020 had already promised to bring a whole new wave of ransomware attacks against unsuspecting victims, but the COVID-19 pandemic prompted some hacker gangs to double down on common targets. Chief among those are hospitals and other healthcare providers, including quite a few on the frontlines of treating infected patients. The situation has become so dire that Interpol has stepped in to aid regional law enforcement in investigating ransom cases, as well as technical support and guidance for the medical industry.
In a surprising turn of events, online outlet BleepingComputer managed to contact several of the malware syndicates behind some of the most notorious forms of ransomware. All denied ever having targeted any hospital or any other public service institution, and a few claimed that the only healthcare industry victims they had ever pursued were pharmaceutical companies. However, experts have already questioned the sincerity of those promises not to impede medical centers and warned everyone to remain on guard.
Cybersecurity and Working from Home
There are two things hackers are keenly aware of right now: first, people are distracted, and secondly that even before the novel coronavirus, many businesses were not taking the right steps for telecommuting securely. Cybersecurity is a big concern when working from home, and the mass shift to an enduring remote work model has inadvertently expanded the attack surface of many companies. Unprepared employees are using home devices and open Wi-Fi signals to log into corporate networks, with simple usernames and passwords that have been re-used a hundred times.
This is the perfect time to launch a phishing campaign, with millions of unsecure computers and unsuspecting victims everywhere. Even in the best of times, social engineering and spoofed emails delivering malware can catch all but the wariest off-guard. The key to migrating to a cybersecure work from home environment during these uncertain times is making sure all endpoints are protected – and that means educating users and managers on how to do so.
Let Your Remote Workers Telecommute Securely
Phishing is not going away for a long while, as even without a huge telecommuting surge, hackers know that there are so many easy victims to exploit. Let SWK Technologies help you educate your employees on how to spot the red flags of a spoofed email, and teach your business all the tricks of working from home securely.
Sign up for our Phishing Defender service to receive the latest in employee training, educational tools and more to protect your business against COVID-19 cybercrime.