Jake Moore, Cyber Security Specialist at ESET discusses the increase in “scareware” during the current COVID-19 crisis, and how it could lead up to a “cyber pandemic” in the near future…
What have been some of the biggest cyber threats that have emerged over the past year?
The cybercrime market is constantly evolving. Typical tactics used by the creators of malware to spread infections are difficult to detect by antivirus products alone these days. Moreover, second-generation malware can go undetected for months because malicious actors always update, evolve and improve their tactics to avoid detection as much as possible as we have seen with large scale attacks such as with BA.com. To enhance security, businesses should be using modern anti-malware solutions-focused predominantly on detecting new evolving malware. Threat intelligence software programs will identify threats and add value to cyber threat information by evaluating the context of its source and reliability.
Traditionally, most companies use a prevention-based approach to cybersecurity, but recent advances in machine learning have enabled a trend towards active detection of threats due to the increase in artificial intelligent threats. Built-in with the increase in deepfakes, we have not only seen more impressive threats over the last year, but this sort of cybercrime is thought to increase exponentially over the next few years too.
How has the COVID-19 crisis affected consumers and businesses from a cybersecurity point of view?
The most effective attacks play with emotions hence phishing attacks have increased in the pandemic. When these phishing emails are coupled with the desperate need for the latest information around COVID-19, it makes huge numbers of people click where they shouldn’t and in turn, they forget what they’ve learnt before.
Trust is at the heart of the pandemic and it’s what people are really in search for. Therefore, scareware has increased as the inevitable uncertainty rises. People have increased their searching for the most up to date and urgent information about the outbreak.
Threat actors are well aware that businesses and people are currently looking for urgent advice and other information. Therefore, it’s at times like these where people are far more likely to click on unknown malicious links and rouge attachments.
How are cybercriminals taking advantage of the current working from home and homeschooling situation?
Working from home is nothing new, however, moving a large portion of your workforce to work from home at once inevitably comes with security problems. When each member of your workforce becomes their own IT department, many short cuts will be taken and companies need to accept this risk. Some companies have taken to monitoring software whilst at home which I think is not the right way to go about it. Monitoring your staff acts as the complete opposite and effectively causes friction and a lack of trust up the chain.
We may well be walking into a cyber pandemic whilst our priorities are diverted by COVID-19. Some cyber professionals are even suggesting that we are about to experience one of the world’s biggest cyberattacks. Seeing as we are not able to maintain the gold standard with our change to the world of working from home, it is inevitable that attacks increase and the magnitude could be catastrophic.
For more security-themed articles, click here
PCR’s 30 Under 30 list 2020: Nominate yourself or a colleague now! All details here.
Read the latest edition of PCR’s monthly magazine below: