Ironically, when the Covid-19 pandemic put most countries around the globe under lockdown, it presented cyber-criminals with a golden opportunity to go about their nefarious business more vigorously. The sheer anxiety which beset many ― not knowing whether and how the pandemic will impact them or their loved ones; the paucity of verifiable information about the disease; and often the conflicting information which was available on the net ― all these resulted in people often clicking on links they might have been dubious about earlier.

Covid-19 Cyberattacks Are Mostly Caused by Evolving Online Behavior

It goes without saying, online behavior of many people has changed radically in the last year and a half. Since the whole world have been searching for information on the coronavirus, uncountable fake websites have mushroomed on the net. When emails come in from what seem to be authentic sources, few people are so security conscious as to pause to consider before downloading attachments. These phishing attacks steal your data through an embedded remote access trojan or other malware in a PDF or Excel sheet, and by installing it in your system. Typically, Outlook and Microsoft 365 are targeted by these phishing attacks.

Work from Home Is an Unlooked for Windfall for Web Scamsters

Perhaps the biggest windfall for the cyber attackers has been the “work from home” switch in functioning which many organizations have been compelled to make. Whether it was because a country was under lockdown, and people could not reach the office physically, or because it was a genuine concern for safeguarding the health of employees; most companies and other organizations had to allow their personnel to work from home. In most cases, this meant that the workforce was using own devices which may or may not have the same level of IT security measures in place. Of course, if the IT department has the foresight to link users’ devices, especially of those who use their own devices, to the organization’s detection tools, it will prevent malware from taking over any devices on which organizational data are stored.

Lack of Supervision and Relaxed Controls Have Also Proved an Achilles’ Heel

It became necessary to grant access to the organizational server to individuals working from home without the IT department’s oversight. It cuts both ways. A not-so-above-board worker might be on the lookout for making a fast buck at the company’s expense, which could lead to a cyberattack. A temporary lapse of judgement on the part of a well-meaning employee could introduce malware like ‘Emotet’ which hacks into every computer connected the company network. Whether the trojan or other malware spies on the organization’s processes, steals credentials or simply makes it impossible for users to access their files; every cyberattack costs your organization steeply. While the reputational loss cannot always be computed in dollars or cryptocurrency; it might cripple an organization because customers and even vendors would be inclined to view it with suspicion and wonder whether their data is secure.

Pause Before You Donate

The cyber criminals don’t hesitate to capitalize on your charitable instincts. Kind-hearted people, who would like to donate to families who lost their bread earners to Covid-19, or to those who have been adversely affected by the pandemic induced economic downturn, have been among some of the worst affected by coronavirus related cyberattacks. By responding to an email which promises to enable you to donate anything from food, medicines, and other medical supplies, you could well be allowing yourself to become a target of cyber-criminal activities. Even when buying protective equipment or supplies to protect yourself or your loved ones from possible infection, you need to be wary that you have not allowed yourself to be click baited.

Cyberattacks on Even Healthcare Providers

Unfortunately, the coronavirus pandemic has actually increased cyberattacks on healthcare providers, including hospitals, as the cyber-criminals are aware that doctors, nurses, and path labs cannot afford to be locked out of EHRs, or their own systems. When any delay might cost lives, hospitals and other healthcare networks are paying an arm and leg to get back on track when hit by ransomware.

Takeaway: No person or organization can afford to relax their vigilance, or safe internet practices even during corona times. Now more than ever, prudence is the better part of valour. Therefore, if you use your own laptop, or are part of the organization’s IT team, remain vigilant about security updates, and make a point of running them; have more than a basic firewall; ensure that you lock the screen every time you go for a comfort break, or simply go to answer the door; be cautious about the emails you respond to, especially if it has an attachment; be wary of click baits. If you feel that you might need professional assistance; reach out to us. We will help you stay safe and secure