The COVID-19 pandemic has forced national governments around the world to accept various measures to limit the spread of the outbreak. By doing so they set to support public health systems. Perhaps the most important aspect of all the measures is the hope to safeguard the economy and to ensure that the public is safe and order is accepted.
Most of these measures have a significant impact on the organized crime landscape. We have also seen the threats from violent extremists. If we try to identify the factors that burst into crime and terrorism:
- High demand for protective gear and pharmaceutical products
- Decreased mobility and transport of people across the world
- Citizens remain at home and are working from home, most relying on software solutions
- public life limitations will make some criminals less visible and displace them to home or online settings
- Increased anxiety and fear
- The decreased supply of certain illicit goods around the world
Criminals swiftly took advantage of the virus expansion around the world and are abusing the demand people have for information and supplies.
Criminals have used the COVID-19 crisis to carry out social engineering attacks, namely phishing emails through spam campaigns. Criminals have also increased the use of more targeted attempts, to prepare targeted campaigns for a specific company. If a company is infected with Ransomware, it can go out of business if it doesn’t pay the ransom. When you have your company working at home, Office 365 is an ideal solution. Each user has tons of space in the cloud, plus each user has a lot of storage dedicated for emails. Sharing data and communicating with peers becomes easy. One of the perils of using Office 365 is also having the proper Office 365 backup.
There is a long list of cyber-attacks against organizations and individuals, including phishing campaigns that distribute malware via malicious links and attachments. They also execute malware and ransomware attacks that aim to profit from the worldwide global health concern.
The number of cyber-attacks is significant and is expected to increase further with the second COVID-19 wave worldwide. Cybercriminals continue to innovate in the deployment of various malware and ransomware packages that are specially themed around the COVID-19 pandemic. They may expand their online activities and include other types of online attacks
we have noticed that most people were working from home when the lockdown happened around Europe. In the autumn, we can expect an increasing number of companies offering their employees an option for working from home.
The more and more people working from home, there is an increase in the attacks surface for remote access.
Ransomware and DDoS can bring your business to a stop. When a pandemic happened most IT managers and technicians were taken by surprise and had to organize work from home quickly. We have seen massive VPN deployments to provide everyone with the ability to work from home.
While most IT managers expected disasters in their main or disaster recovery sites, none expected moving people to a new paradigm to move their work to home and expect them to do their daily jobs. Most applications were not migrated to the cloud so remote access had to be provided by using VPN secure tunnel or RDP connections.
DDoS Attacks saturated internet links to the organization. SSL VPNs are suspected of SSL protocol attacks. If remote desktop is exposed to the internet, we see account takeovers. Brute force disrupts the service, and potential accounts can be discovered and sold on the underground. In 2019 Most infected way was RDP, and phishing came a close second. Corona was used by email scammers as bait to deploy infection. Scammers are promising cheap masks, vaccines, sanitizers. Scraped content published on malware-ridden websites, trying to lure people on clicking in need of the information.
How can we improve defense from Cyberthreats?
First line of defense is our users. If we educate our users what is ransomware, that they are the protectors of the company, we can expect great results. First, they will recognize phising email, but even if they will doubt, they can fall back and send email to IT for a review. We often forget that the backup is very imporant. If we get hit by a ransomware, we can quickly restore data, but if we don’t have a recent backup that can be restore quickly we can expect a lot of finacnial damage. That’s why having proper backup protection is essential. Stay safe