Throughout history, criminals have exploited national emergencies for financial or illicit gain. As the COVID-19 pandemic spread across the globe, the risk for cyber-enabled fraud exploded in unparalleled scale and scope. Today, the U.S. Chamber of Commerce and FICO released a Special Report on Cybersecure Remote Working During COVID-19, spotlighting the evolution of cybersecurity threats during the coronavirus pandemic and providing expert insight as to how businesses can enhance their cybersecurity.
COVID-19 has changed many aspects of our lives—working from home, virtual meetings, and digital commerce are becoming our new normal—and there’s no reason to think that all of this will revert to the old normal once the pandemic wanes. Cybercriminals have taken advantage of this ‘new normal’ and have been exploiting cyber vulnerabilities among businesses.
How and Where Cybercriminals Are Targeting Businesses
Ed Cabrera, chief cybersecurity officer at Trend Micro, says in the new report that cybercriminal groups know that humans are often the weakest link in cybersecurity defense, and now they have a highly emotional issue ready to exploit.
“COVID is international, it definitely provides another opportunity for these groups to scale their social engineering [psychological manipulation] attacks,” Cabrera says. “We’ve definitely seen an uptick.”
Cabrera adds that his company has seen evidence of an increase in a wide range of cyberattacks linked to the pandemic. According to Trend Micro, in the first quarter of this year there were nearly one million spam messages sent, 48,000 hits on malicious URLs, and 737 pieces of malware detected—all tailored with content relevant to COVID-19. Often, these attacks prey on people’s emotions or simply their desire to learn about the pandemic.
"They exploit our trust. The trust we have in the applications we use, the emails that we get,” Cabrera says. “What they’ve done is play on the fear and frustration that everybody feels from having been locked down. They are sending phishing emails using topics like rising COVID hotspots in their area [or] increased death rates. Or any information that relates to school openings or COVID testing results.”
This is especially true in phishing (fraudulent email or website scams) attacks, which take advantage of short attention spans and seek to build trust quickly with the recipient.
“Certainly, the usage of COVID-19 as a lure for phishing operations has become more prevalent. That’s to be expected when you have something that has universal, global interest,” says Luke McNamara, principal analyst at FireEye Mandiant Intelligence. “It can be used for campaigns and intrusion targeting around the globe. Many of the campaigns and groups that we’ve been tracking for some time have now started to roll that into their operations.”
The prevalence of videoconferencing in a time of working from home is also something in which malicious attackers are interested. If nothing else, it gives them the opportunity to eavesdrop on confidential communications and gather intelligence.
Another challenge of working from home is changing from centralized, corporate networks to more distributed, home networks.
“With the move from a centralized workplace to a distributed one across a variety of home offices, COVID-19 brought new network security challenges to global IT teams,” said Doug Clare, vice president, fraud, compliance and security solutions at FICO. “As workforces around the world continue to operate remotely with data being exchanged digitally whether by virtual meetings or e-commerce, cybersecurity needs to remain top-of-mind for organizations.
Steps Businesses Can Take to Secure Their Virtual Working Environments
The good news is there are several steps businesses and employees can take to enhance their cybersecurity, especially now as the COVID-19 pandemic altered the work patterns of millions of Americans virtually overnight.
Here are six recommendations included in the report that every business can use:
- Consider the benefits of using cloud services
- Instruct employees on the proper components of a home office network
- Use a properly configured virtual private network (VPN)
- Take steps to introduce elements of security to teleconferencing
- Have a plan to identify and manage third-party and supply-chain risk
- Think through—and adhere to—sound Bring Your Own Device (BYOD) policies and procedures
“Americans have enough to worry about with economic uncertainty, health concerns, job losses, and so forth, and we want to ensure business owners have the right tools to increase the security of their virtual working environments,” said Christopher D. Roberti, senior vice president for cyber, intelligence, and supply chain security policy at the U.S. Chamber. “This Special Report provides recommendations and expert opinions that will help that process.”