COVID-19 coronavirus panic is understandably very real and cybercriminals are taking advantage.
As with Ebola, the Zika virus and SARS; global cybercriminals have leapt on the opportunity to exploit vulnerable targets and the heightened interest in the pandemic as it develops.
The European Central Bank has already urged banks to prepare for an increase in cyberattacks during the pandemic, and we've seen people being hit with Coronavirus mapping scams and elaborate phishing attacks.
The message is clear: wherever your staff are working, you must make sure that your business is protected.
We've put together this guide outlining current common variety of attacks, how you can spot them and an overview of the process of maintaining cyber security:
Attackers send fraudulent emails, phone calls (vishing) or SMS (smishing) that appear to be from a reputable source. They’re designed to deceive the recipient into revealing sensitive information, or to complete another action such as opening an attachment or clicking a link to download malware.
Phishing used to be indiscriminate, but in recent years it has evolved into spearphishing. This is a targeted type of phishing that uses information on a specific target to appear more personal, relevant, and convincing. Attackers often use it when posing as someone senior in an organisation.
Distributed denial-of-service (DDoS) attacks overwhelm systems, servers, or networks by flooding them with more access requests than they can handle, They disrupt web traffic, taking websites offline and preventing authentic user access. Attackers launch DDoS attacks for various reasons. One of the biggest motivations is blackmail. Service unavailability from a DDoS attack creates reputational and financial damage with long-term impact, and attackers rely on companies paying them to stop the onslaught.
Criminals are also increasingly using DDoS attacks as part of broader attacks. Hackers use a relatively small DDoS attack as a distraction while they use other methods to break into the victim’s network.
Finally, DDoS attacks are a popular way for online communities to air their grievances. Hacktivist groups like Anonymous have released tools that participants can install on their computers to mount attacks against organisations whose practices they don’t agree with.
A malicious program thart covertly spreads between computers, usually damaging them or stealing data along the way. These programs spread via infected email attachments, files, and removable storage devices like USBs.
You’ve definitely heard of this one! Often spread through phishing attacks, ransomware software gets into your network and then takes control of your data. It encrypts the files on your PCs, denying access and bringing your business grinding to a halt. The attackers demand a ransom to release your files, but there’s no guarantee that paying it will actually get your data back. The average ransomware payment reached nearly $42,000 in Q3 2019.
Web application attacks
Insecure web applications are a common cybersecurity weak spot. Attackers use various techniques to assault them including cross-site scripting (XSS), which allows an attack to hijack a user’s online account. Another is SQL injection, in which they a piece of malicious code into an SQL database that allows them read, write and edit data, even infecting a visitor’s site with malicious code.
Criminals create or compromise a website to install malware onto visitors’ computers when they visit them using a vulnerable web browser. Some attackers even target specific websites such as industry discussion forums to infect visitors whose systems they want to access, in what’s known as a ‘watering hole’ attack.
Man in the middle
The attacker inserts themselves between two legitimate hosts (e.g. device and server) then impersonates either or both of them. They can intercept and change messages, making malicious requests which appear to come from
the trusted source.
Every so often a flaw is found within a piece of software or operating system that creates a vulnerability in their security. In those circumstances software developers rush to issue a patch that fixes the flaw, but at the same time attackers will also work quickly to create a piece of malware that exploits the vulnerability and compromises your system before the patch is released. This malware allows attackers to take control of your system, stealing data, corrupting files, and tampering with information.
One of the easiest attacks to mount, this involves harvesting lists of login credentials from other hacks and then using them to try and break into different online services. If someone has reused the same email address and password for multiple accounts, they’re highly vulnerable to such attacks.
Protecting yourself from online threats
Cybersecurity is a circular process that constantly repeats to stay up to date with the latest technology developments and threats. It involves several stages:
- Identify: Security begins by understanding your IT infrastructure and applications, and the information that they support. This is also the time to identify the cybersecurity risks facing your organisation.
- Protect: Only then can you put protective measures in place to defend them against cybersecurity threats.
- Detect: Many online attackers are adept at flying under the radar. Proper network and system monitoring is crucial if you are to spot them.
- Respond: A proper cybersecurity plan acknowledges that attacks may succeed despite your best efforts. Just as you should have a plan in placefor disasters like fires and floods at home, an incident response plan for cybersecurity attacks will help you hit the ground running and minimise the impact of an attack.
- Recover: Should the worst happen, it’s important to have backups in place to get up and running quickly again. Smart businesses also learn from attacks so that they can harden their security posture.
Don’t be discouraged by these five steps. They may seem daunting but much of the work involves some simple and straightforward cybersecurity practices.