COVID-19

Cyber Attacks on Increase During Covid-19

2 Mins read

We noted in the last blog that organizations face new challenges and have to prepare for new risks. The sudden change in the way the business is kept functional has a direct impact not just on business continuity but various other risks such as Cybersecurity/Technology Risk, Fraud Risk, Employee/Third Party Fraud Risk, Ethics and Compliance Risk, Reputation Risk, Operational Risk, Financial Risk, Supply Chain Risk, Health & Safety, Key Person Dependency Risk, Regulatory Risk, and Market Decline Risk. The link below provides more insight into how internal auditors can add more value during the critical time by being agile.

https://www.linkedin.com/posts/charupel_cyber-security-covid19-risks-audit-plan-activity-6655466815331844097–u7-/

This blog is part of our ongoing COVID 19 Cyber Security series. Each piece focuses on a different area impacted due to COVID 19and aims to answer the questions that are important to your business. Read more to learn about ongoing cyber-attacks that continue to cause damage during COVID-19.

  1. Since the declaration of the pandemic on March 11th by WHO, IBM X-force reported a 6000% increase in COVID-19 related spams. The small business owners and consumers are most impacted by phishing.
  2. Google reported in the second week of April blocking more than 100 million phishing emails. The Google team saw 18 million daily malware and phishing emails related to COVID-19 in addition to more than 240 million COVID-related daily spam messages
  3. Barracuda researchers reported a  steady increase in the number of coronavirus or COVID-19-related spear-phishing attacks since January 2020, but they have observed a recent spike in this type of attack, up to 667-percent since the end of February 2020.
  4. COVID-19 is being used in a variety of malicious campaigns including email spam, malware, ransomware, and malicious domains. The Netflix subscription messages in different forms and URLs are floating around. Some of them are promising free 6-month subscription if registered within 24 hour and other are offering 2 months subscription.
  5. According to the latest Malwarebytes statistics, web skimming increased by 26 percent in March over the previous month.
  6. Domain registrar, Namecheap is no longer accepting any new domain applications including the words “coronavirus,” “COVID,” and “vaccine,” among other versions of words and phrases alluding to the ongoing COVID-19 pandemic. The measure is to prevent abuse and fraud from sites trying to hawk fake products and misinformation and otherwise capitalize on the ongoing global health crisis.

Here is the quick look at the resources you have to address the above challenges:

  1. The United Kingdom’s National Cyber Security Centre (NCSC) and the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) have jointly provided practical advisory for individuals and organizations on how to deal with COVID-19 related malicious cyber activity.

Link: https://www.ncsc.gov.uk/news/covid-19-exploited-by-cyber-actors-advisory

  • FBI shared DOs and DONTs about the following topics:
    • Teleworking (Remote work online)
    • Education Technology Tips
    • BEC (business email compromise) Tips
    • Cyber Crime Vulnerability Tips

Link: https://www.ic3.gov/media/2020/200401.aspx

  • Quick tips for addressing COVID-19 Challenges

Link:

COVID-19 Guidance for Small and Large Businesses

https://www.linkedin.com/posts/charupel_coronavirus-guidance-for-small-and-large-activity-6642842725655859200-v13D/

Remote Work Easy Fix Cyber Security Checklist

https://www.linkedin.com/posts/charupel_remote-work-senior-management-director-activity-6648460735728934912-IFX8/

COVID-19 -Third-Party Risk Management Series

https://www.linkedin.com/posts/charupel_monday-morning-cyber-security-thrid-party-activity-6627941269656133632-XYnN/

COVID-19 – How to Protect Against Malware Series

https://www.linkedin.com/posts/charupel_how-to-protect-against-malware-part-iv-activity-6579525962428403712-1ZFa/
  • Blocking newly registered domains (NRDs) as the sites specifically created with the purpose of committing a cyber crime tend to be much younger.

Related posts
COVID-19

Occupational Safety & Reopening Safely

1 Mins read
Course Content What is SARS-COV-2 (COVID-19)?How to Protect Yourself?Deciding to Reopen the Business During COVID-19Worker Exposure Risk to COVID-19Steps to Reduce Workers’…
COVID-19

Scammers Exploiting COVID-19 Fears, Stimulus Checks, Fake Cures

1 Mins read
Please check earlier blogs “Easy Fix Remote Work Cyber Security Checklist”, “Management, Director and Employee Responsibilities”, “Cybersecurity COVID 19 Guidelines for Small…
COVID-19

COVID 19, Remote Work, and Cyber Security

3 Mins read
The article published two weeks ago titled “Coronavirus (COVID-19) Guidance for Small and Large Businesses” listed the important points and resources the…

Leave a Reply

Your email address will not be published. Required fields are marked *