SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
What will stop COVID-19 cyber attacks? Technology and education
Fri, 17th Apr 2020
FYI, this story is more than a year old

As threats increase during the COVID-19 pandemic, businesses need to be focused on implementing technological solutions and investing in employee education to achieve basic security hygiene, according to Wavelink, a Fortinet distributor.

This time, which has brought up confusion, fear and distress for individuals and seen many businesses move to remote working, has given cyber criminals greater opportunities to succeed in various attacks and scams.

Wavelink states that scams including fake emails, text messages, phone calls and fraudulent products are all on the rise. However, social engineering scams are most likely to succeed during this time so it's particularly important to be aware of new threat activity and protect the organisation against it.

In addition to fringe actors, professional cyber criminal organisations are also taking advantage of the situation. Wavelink has identified various attacks, including the following.

The Emotet trojan, which steals sensitive and private information such as banking details, and can cost upwards of US$1 million per incident to clean up.

BabyShark, a relatively new North Korean malware that persistently exfiltrates system information and receives additional commands.

The Ukrainian Centre for Public Health spoof, which impersonates the World Health Organisation trademark to lure users into opening a malicious Word document.

An Italian phishing attack that warns the recipient that COVID-19 cases in their region have been documented and the recipient should urgently open the attached, malicious Word document.

A FedEx customer advisory email that looks like a PDF document but is, in fact, an executable file that infects the user with the Lokibot infostealer.

Wavelink states that organisations should be investing in smart security solutions to protect against threats such as this as well as everyday scams.

For a start, organisations should look at updating their anti-virus and intrusion protection system definitions regularly. In addition, they should proactively patch with vendor updates where available.

Secure mail gateway solutions, which flags specific file types likely to be malicious, and sandbox solutions, which enables IT teams to identify if a file displays irregular behaviour, can be useful.

Furthermore, a firewall with anti-virus can also be configured to detect and block threats.

Alongside technology solutions, businesses should be looking at employee training and education.

Wavelink managing director Ilan Rubin says, “Technology can only go so far to protect an organisation against attack in such chaotic and challenging times. With more employees working outside the corporate firewall for perhaps the first time, businesses need to be more vigilant than ever in making sure these employees understand the importance of basic security hygiene.

"This includes never opening attachments from someone they don't know and always treating emails from unrecognised senders with an abundance of caution."

When it comes to specific employee training, Rubin says, “Employees should be trained to be sceptical of instructions in emails, text messages, or even phone calls that require them to click on a link, open an attachment, provide login details, or transfer funds. If in doubt, users should contact their IT or information security department to verify if an email is legitimate."

Rubin says this is a crucial time for organisations to up their security game.

He says, “Right now there are so many legitimate pieces of communication regarding COVID-19 that it's very easy to slip in some phishing emails and other fake communications. This has created a significant vulnerability that attackers have been quick to exploit.

“People are hungry for information while organisations are looking for products that can help protect them against the virus. This has seen a dramatic rise in attacks that put malicious links in legitimate-looking emails purporting to be from government agencies or news outlets, for example.

Rubin says, “If people stay vigilant and refuse to trust suspicious emails, then, at worst, a business activity may be delayed. At best, an expensive and potentially devastating cyberattack could be averted. Now more than ever, individuals play a crucial role in protecting an organisation against cyberattacks.