Many businesses have been affected by cybercriminals running rampant across susceptible industries in the wake of COVID-19.
Within the Caribbean, while we do acknowledge cybercrimes, undoubtedly it is not given the high-level attention needed. However, we must ensure the safety and sustainability of our industries and governmental organizations as work patterns and organizational structures alter.
Statically proven, cyberthreats have exploded in 2020, abusing the needs and fears of global populations. Cindy Murphy, President of Digital Forensics at Tetra Defense notes that what cyberworld is experiencing is ‘social engineering at its worst- and unfortunately, it is more likely to work in these uncertain times.’
An Interpol assessment on COVID-19 impact on cybercrime has shown a significant shift from individuals and small businesses to major corporations and even governmental organizations. With organizations and businesses rapidly implementing remote systems and networks to support staff working from home, criminals are also taking advantage of increased security vulnerabilities to steal data, generate profits and cause disruption.
Canada’s largest medical laboratory serving most Canadians experienced a data breach which affected approximately 40% of all Canadians, more than 15 million people. This breach was described as the ‘most sensitive information’ by the former privacy commissioner of Ontario, Ann Cavoukian.
Unfortunately, the Caribbean’s biggest conglomerate, ANSA McAL's made headlines as it fell victim to ransomware hackers holding some of the company’s IT systems hostage.
This experience possibly has businesses and industries on the edge of their seats as many are turning to remote environments to facilitate sustainability and a safer working environment for employees.
Evidently, it is important to familiarize ourselves with a range of Cyber Security options as well as the possible variation of cyber threats.
Key findings highlighted by the INTERPOL assessment of the cybercrime landscape in relation to the COVID-19 pandemic includes but is not limited to:
- Online Scams and Phishing (Threat actors have revised their usual online scams and phishing schemes. By deploying COVID-19 themed phishing emails, often impersonating government and health authorities, cybercriminals entice victims into providing their personal data and downloading malicious content. Around two-thirds of member countries which responded to the global cybercrime survey reported significant use of COVID-19 themes for phishing and online fraud since the outbreak.)
- Disruptive Malware (Ransomware and DDoS) - Cybercriminals are increasingly using disruptive malware against critical infrastructure and healthcare institutions, due to the potential for high impact and financial benefit. In the first two weeks of April 2020, there was a spike in ransomware attacks by multiple threat groups which had been relatively dormant for the past few months. Law enforcement investigations show the majority of attackers estimated quite accurately the maximum amount of ransom they could demand from targeted organizations.
- Data Harvesting Malware - The deployment of data harvesting malware such as Remote Access Trojan, info stealers, spyware and banking Trojans by cybercriminals is on the rise. Using COVID-19 related information as a lure, threat actors infiltrate systems to compromise networks, steal data, divert money and build botnets
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime. And according to the company, cybercriminals prey on societal vulnerabilities. We can see COVID-19 as a prime example with the statistics revealed. Here is some information noted thus far:
- Scams grew by 400% in March, making COVID-19 the largest security threat ever.
- In April, Google blocked 18 million daily malware and phishing emails related to COVID-19.
Panda Security has projected that worldwide cybercrime expenses will reach $6 trillion by 2021. The projection of these cybercrime statistics has certainly given us a credible idea of the future. It imperative that we are vigilant by inducting well-researched antivirus programs to our larger companies, small businesses, industries, and personal systems.