As with every world crisis, COVID-19 (Coronavirus) has also created an opportunity for malicious parties to take advantage of this vulnerable time and to exploit the vulnerabilities of others. It is no secret that the cyberattacks, scams, and frauds are increasing to a level that is quite drastic. A level that is portraying a risk for many organizations that work with sensitive information, such as healthcare, laws, financial statements, etc.
Most of these frauds and scams are via phishing emails, fraudulent sites, social media links and campaigns which are supposedly for charity purposes regarding COVID-19. These scams are designed in a way to lure in their targets and ultimately entrap them using sensitive or/and personal information. Their goal, of course, is to take monetary compensation in exchange for the return of this data.
The danger of these scams has also increased as the need for social distancing has arisen in this tying time. Organizations have implemented online and telework modifications in their systems to make work life easier for their employees. They have provided VPN services and remote accesses. Although it is a good thing in the name of continued normalcy, the downside is more access for cyberterrorists.
The Risks Associated With The Use Of VPN And Telework
With the abrupt need for transferring all systems onto VPN and Telework, not all organizations were advanced or financially stable enough to handle the sudden load. Due to the abrupt circumstances, not every employee is given the proper information about how to deal with the new systems. In this scenario, they end up downloading or clicking on phishing emails, malware VPNs and fake COVID-19 links.
In a recent report, it was found that the organization of Cybereason’s IT team found a whole host of legitimate VPN installers for social media platforms such as Facebook, Instagram, and Twitter. But once a person would attempt to download, they would be led an automatic redirection to a malware host site.
There have also been concerns over VPN security but now after the advent of COVID-19, these concerns are more global. The DHS Cybersecurity and Infrastructure Security Agency (CISA) is working hard to correct these concerns and make remote accessibility easier and safer for all. They are patching the vulnerable areas and helping configure and upload the VPNs with a stronger password.
Beware Of Being Exploited And Be Sure To Keep Updated Software
With recent reports by KnowBe4, we can see that other than the pandemic of COVID-19 in the real world there has also been a virtual pandemic that we have been subjected to. Phishing emails, false links including a fake John Hopkins site that tracks new and old COVID-19 cases. According to Check Point, there have been more than 16,000 new sites related to Coronavirus. Around 93 of them have been tagged as malware and 2200 of them are categorized as suspicious as of now.
It is important to keep your system security updated, make use of proper VPNs and make sure to keep an eye out for malware. This is the most that we can do in the fight against cyberattacks.