The short answer to that question is a definite YES.
In fact, according to cyber intelligence firm CYFIRMA, there has been a stunning 600% increase in threat indicators between February and early March alone with hackers from all over the globe cooking up new schemes.
Why Hackers are Upping their Game?
Hackers know that fear and disruption equals opportunity and there is nothing quite like a global pandemic to create plenty of both.
Cybercriminals are also well aware that many employees are now being forced to work from home and that puts poorly prepared businesses at risk of a wide variety of attacks – from home Wi-fi hacking and phishing to brutal DDoS assaults.
Businesses directly connected with the pandemic should be doubly careful. The nastiest cybercriminals of all are targeting hospitals and medical labs. Some are motivated by money, looking to extort hospitals or steal and sell valuable research. Others have more political aims (e.g. subverting national governments).
How do hackers gain entry?
Here are three tactics – with examples of how they have been used during the COVID-19 outbreak:
Sneaking under the gate
This is the closest method fitting the stereotype of the hacker as some sort of technical whizz probing for weaknesses.
For example, with remote working taking off, cybercriminals have realized they can strike gold through hacking relatively insecure home Wi-fi routers. An expo by Bitdefender showed us how hackers are targeting vulnerable types of router (namely Linksys and D-Link routers) to change DNS settings.
Basically, they are telling the routers to direct requests for certain popular sites (e.g. AWS and Disney) to a fake site. Before loading, a convincing info panel pops up offering advice about coronavirus. When the target clicks the download button, a chain of events plays out behind the scenes, ending with a program known as an ‘infostealer’ downloaded on the device. You don’t need much imagination to guess what that does (it even steals Bitcoins!)
Smashing down the gate
Or to be more accurate, holding shut the gate – for everyone. This is how a standard Distributed Denial of Service (DDoS) attack works. It uses the combined power of multiple computers to flood a network with connection requests, effectively taking it offline.
When the website in question is the US Health and Human Services department website, during a killer pandemic, you can see how this could be a problem.
Bloomberg reported a suspected DDoS attack on the HHS in March although, according to secretary Alex Azar, the department: “had no penetration into our networks, we had no degradation of the functioning of our networks.”
It is still unclear whether this was a genuine DDoS attack or simply the result of an uptick in genuine requests overwhelming the HHS servers. Nevertheless the threat is clear to see.
Getting you to open the gate
This is the most effective method of all.
Coronavirus and mass panic creates a perfect storm for hacker phishing expeditions. The classic phishing technique abuses our fears and our trust to get us to download the type of malware mentioned above (and other nasties like ransomware).
The malware (or a link to it) is sent via an email disguised to deceive the recipient into opening it – either due to fear or simple lack of attention (“It said it was from HR, boss!”)
During this COVID crisis, phishing campaigns could be disguised as:
- An information update from the WHO, CDC or another trusted organization
- Urgent instructions from HR or the management
- Check application form from the Federal government
- COVID-19 vaccine announcement
- Low cost PPE (masks, gloves, etc.)
- Foreclosure warning from your bank
If that scares you, we have a solution: IT support experts are ready to keep these attacks at bay permanently (it’s like PPE for anyone who handles emails!)
Solutions: Taking Back Control
Now that you know a little of what you’re up against, here are a few tips to keep you protected from the increase in hacker activity:
- Instruct remote employees to check the passwords of their home Wi-Fi routers when logging into the corporate network or cloud services (especially if it’s a D-Link or Linksys router).
- Public Wi-Fi should only be used for non-sensitive work and only if there is no other option.
- If possible, supply all remote workers with separate devices for work purposes
- Add remote workers to your VPN (if you don’t have a VPN, set one up)
- Create a patch/upgrade policy that works for everyone. As provider of IT Support Los Angeles based DCG Inc. said in a recent blog post: ‘Security patches and updates play a key role in keeping your business safe against cyber threats.’
- Make sure employees take regular back-ups of their work. You may want to invest in a cloud back up service.
- Formulate a disaster recovery plan. Another post from provider of IT Services Los Angeles based DCG Inc. warns: ‘Alarmingly, over 90% of unprepared companies get out of business within a year of a data disaster.’
- Talk to Phish Protection about our cutting edge anti-phishing technology. We even offer a 60-day free trial.
The upheaval caused by COVID-19 is triggering a wave of new cyber-attacks from global hackers. By following the above advice and keeping on your toes, you can ensure your systems don’t pick up a virus of a different kind.
Brent is the CEO of DCG Technical Solutions Inc. DCG provides specialized advice and IT Consulting Los Angeles area businesses need to remain competitive and productive, while being sensitive to limited IT budgets.
Brent has been featured in Fast Company, CNBC, Network Computing, Reuters, and Yahoo Business. He also leads SMBTN – Los Angeles, a MSP peer group that focuses on continuing education for MSP’s and IT professionals. DCG was recognized among the Top 10 Fastest Growing MSPs in North America by MSP mentor.