How Pandemic changed Cybersecurity

vadim-kaipov-_6kI0qhmxc4-unsplash (1)

As we get used to the post pandemic world and have forgotten, what changes world need to face to in 2020, now with the upcoming new waves of COVID-19 we may come back to the old pandemic habits. Even If some of us are coming back to the offices nowadays, the remote work will stay with us for longer.

The pandemic has made it more difficult for companies to maintain their security and business continuity. Due to that, it is good to get to know, what was the real impact of pandemic to the cybersecurity branch, what kind of new challenges appeared in lives of all of us in terms of cyber security.

The coronavirus pandemic has been an impact for new challenges for businesses, especially middle and small ones. Even in 2022 companies are accelerating their digital transformation. Due to that, cybersecurity is now a major concern.

Below in the nutshell you can read about the most important issues related to the digital security topic in the pandemic environment.

Home alone

According to the FBI, cybercrime has tripled since the beginning of global pandemic. Pandemic is as an opportunity criminal activities conducted by cyber attackers by exploiting the vulnerabilies of “home alone” employees. According to the research 47% of individuals fall for a phishing scam during working from home, what may be also caused by the fact that employees are dealing with much more emails or messages and increase the chance for accidental click on phishing link. Vulnerability breach can be capitalized by people’s strong interest in news related to coronavirus (e.g. malicious fake websites related to the covid topics). What is more, another important insight from the industry is that the average cost of a data breach caused by remote work can be as much as $137,000.

According to the City of London Police, since January 2020 more than GBP 11 million have been lost due to COVID-19 scams. Another interesting insight can be the fact that in Switzerland,almost 15% respondents to a survey claimed that had experienced a cyberattack during the pandemic period.

 It is also good to keep in mind, that Each organization is only as strong as the weakest. In terms of cybersecurity all unprotected home router as a part of highly distributed network may be the source of additional risks. For IT departments It is difficult  to enforce high secure standards and to ensure that all devices and software are up-to-date and secure.

Meetings which could be an email, are set up even more frequently, but in the virtual and dangerous way

The real impact of pandemic is a higher number of (virtual) meetings and its also related to the less productivity, losses in culture and also communications richness. The lower the perceived value of the meeting is, it is the more likely to remain virtual in post-pandemic.

One example of them is, that the criminals exploiting the cybersecurity weaknesses in remote working has been the series of cyberattacks on video conferencing services. During the time February and May of 2020, more than half a million people were affected by the security breaches which exposed the personal data of video conferencing services users (name, passwords, email addresses) was stolen and sold on the dark web platforms. In order to successfully execute this attack, some hackers used a tool called ‘OpenBullet’.

Hackers also did use credential stuffing techniques to gain access to employees’ credentials and the stolen data has been sold to other cybersecurity criminals. It can be attributed as one of the consequences of a serious disruption of video conferencing platforms for businesses. Credential stuffing, which has been shown in our last example, is a form of cyberattack where hackers use stolen account credentials of username and password to gain access to other accounts. This is possible because most of the time, a lot of people use the same username/password combination across multiple accounts. 

We detected multiple instances where unwanted and uninvited members gain access to virtual meetings and obtain confidential or sensitive information, which is then sold to another third party or made available to the public in order to damage the company’s reputation.

How to make you more secure?

Examples of how companies and employees can increase cybersecurity

Every employees working remotely and using their personal computer (and even those using a corporate-owned device) should implement crucial cyber security best practices:

  • Antivirus protection system. It is the most essential and basic factor to have. Employees have to be provided with an antivirus license for use on their personal computers. Nevertheless, If this does not provide failsafe protection, it will eliminate attacks on the low level.
  • Cybersecurity awareness. Even with stronger technology controls, employees working remotely must still exercise great judgment to maintain information security. Staff should be trained with best cyber security practices and optimal procedures which may regulate the email exchange.
  • Phishing awareness. Employees should be vigilant when receiving emails and should check the authenticity of the sender’s address. 
  • Home network security. Employees have to be sure that their home Wi-Fi is protected by a strong password. 
  • Use a VPN. Virtual private networks, also knows as VPNs, add a further layer of protection to internet use from home. They cannot on their own be relied upon to prevent cyberattacks, but they can be a useful barrier against cyberattacks. There are some basic cybersecurity strategies that businesses can and should adopt. 
  • Identify weak spots. All IT systems have their own weaknesses. Companies have to run tests and audits to identify their own weaknesses and patch the most critical vulnerabilities as soon as possible. This can be done in the form of vulnerability scanning, or various type of penetration testing exercises. Additionally, there has to be the performance of hardening of components of the technical infrastructure.
  • Frequent reviews (auditing). Companies should regularly evaluate their cybersecurity risk exposure and determine whether existing controls are robust enough. Any new forms of cyberattack that have appeared recently should be considered during these reviews. 
  • Renew business continuity flows and crisis plans. Business lines Managers have to keep their business continuity plans updated and consider cyberattack scenarios. 

More advanced measures:

  • Always apply new technology and tools. Companies can use advanced tools such as host checking (a tool to check the security posture of an endpoint device before authorizing access to corporate information systems) to reinforce the security of remote working. 
  • Effective Intelligence techniques. Businesses should encourage proactive use of cyber threat intelligence to identify relevant indicators of attacks (IOC) and address known attacks. 
  • Risk management of the structure. In order to improve risk management, businesses can apply governance, risk and compliance (GRC) solutions. GRC solutions provide a detailed view of the company’s risk exposure and help link together the various risk disciplines (cybersecurity, operational risks, business continuity).
  • Prepare for attacks. In these high-risk times, companies are advised to carry out frequent cyber crisis simulation exercises to prepare their response to a cyberattack. 

Zero Trust Concept. CISOs and CIOs need to implement a zero trust approach to cybersecurity. This is a type of security model which only authenticated and authorized users, and devices are permitted access to applications.

Spread the word