Cyber attacks during Covid-19

Cyber criminals are exploiting the COVID-19 pandemic to escalate their attacks against organisations and private individuals.

Extra awareness is needed to defeat these attacks and tactics. We must not become complacent in these unprecedented and challenging times when perhaps our focus is elsewhere, and we are distracted.

In January 2020, a number of spam or phishing emails emerged that referenced COVID-19, and by early March they represented a significant percentage of all malicious email traffic. In addition, an increasing number of malicious websites are being created using COVID-19, or a related term, with more than 42,000 sites being registered since early February. Many organisations have employees working from home for the first time and that poses further risks.

Common methods of increased cyber-attack activity include the following:

Phishing emails

• Emails that appear genuine are sent requesting the employee to install software onto their device.
• Special offers from commercial organisations offering free medical products (masks, tests, PPE).
• Information on a coronavirus cure.
• Offers of tax refunds or financial aid from the federal or provincial government.
• Safety advice from World Health Organization (WHO) or the Centers for Disease Control and Prevention (CDC).
• Emails from fake HR departments asking employees to complete a survey.

Malicious Websites

Creation of malicious websites e.g., a fake Johns Hopkins University or Sunnybrook Hospital website that offers an online diagnostic tool.

Smartphones

Fake COVID-19 tracker smartphone apps appearing to represent government agencies.

Ransomware

Ransomware can be accidentally downloaded through a number of the means outlined above. When downloaded, the software uses unbeatable encryption to lock all your files and prevent access to them. Once installed, the fraudsters will demand a cash payment to unlock your device, usually with an expiry date, at which point all your data will be deleted. There is no way to circumnavigate this encryption without extreme intervention and resources, not available to most private organisations.

Defeat the Cyber Criminals

Many cyber-attacks can be defeated by following good practices and implementing basic security controls. These include the following:

• Continually raise awareness and remind your employees of the importance of computer security.
• Encourage and support your team with training, so they can identify threats and learn how to respond to them.
• Ensure that your employees back up their data regularly.
• Keep portable devices safe e.g.: use PIN/Password protection/fingerprint/face recognition; keep device software updated; do not connect to public spot hots use 3G/4G or VPNs; replace any devices no longer supported by manufacturers.
• Regularly update anti-virus software and update devices with the latest software patches. Only use approved software. Control access to removable media i.e., memory sticks, and ensure your firewall is always enabled.
• Avoid phishing attacks, scan for malware and change passwords if a successful attack is detected.
• Educate employees on common phishing tactics: e.g. tell them to look for poor spelling, grammar or images that may be indicative of rogue email.
• Protect data using strong passwords and encryption. Use tools to prevent employees from using predictable passwords.
• Have a tried and tested response plan ready in the event you do fall victim to an attack.
• Continually assess and test the robustness of your cyber defences.
• Learn from any incidents and update your defences.