Cyber criminals exploit Covid-19 lockdown crisis.
The Covid-19 global pandemic forcing millions of office workers to become remote workers has created a “perfect tsunami” for cybercriminals seeking to exploit the crisis and penetrate corporate defences via unsecured home networks, according to a new report.
According to Martin Butler, senior lecturer in digital transformation at the University of Stellenbosch Business School (USB), cyber security provider Kaspersky has reported a spike in South Africa in devices affected by cyberattacks, from the norm of under 30,000 daily to 310,000 on 18 March.
He said similar reports from across the cyber security industry and across the world have also shown extremely high levels of cyber exploits since.
Unprecedented digital dependency has created unprecedented vulnerability, and an increase in malicious attempts to exploit the mass shift to online platforms for remote working, with South Africa experiencing a ten-fold spike in network attacks in mid-March when much of the country moved to working from home.
Butler says companies should ensure that the “digital equivalent of hand washing, face masks, physical distancing and decontamination” is being implemented by their now-remote workforce.
Last week, the World Economic Forum (WEF) said that the rise in cyber criminal activity seeking to exploit the Covid-19 crisis made cyber security “critical to collective resilience” in the face of the pandemic’s impact on the global economy.
Butler says the risk of “brute force attacks” in which cybercriminals attempt various password combinations to gain access to corporate systems via individual user accounts remained high and, with compromised credentials responsible for over 80% of breaches, businesses need to implement encrypted communication such as Virtual Private Networks (VPNs) now more than ever.
“Ensuring company policies are applied on the corporate laptop that shares a home network with multiple devices such as mobile phones, is not sufficient,” he says.
Cyber security company Cynet has identified two main trends in the coronavirus-linked information security breaches, attacks aimed at stealing remote user credentials, and weaponised email attacks such as phishing and malware that may not be picked up by home email software.
With most work-from-home employees using online collaboration and video conferencing software, Butler warned that some of these systems are not yet integrated into corporate single-sign-on systems or thoroughly tested and embedded in safe remote environments.
“This creates a perfect tsunami for cybercriminals. They can attack devices on unsecured home networks, mostly running outdated software or unsecure hardware, or exploit employees who are using relatively new systems at the extreme of their comfort levels,” Butler says.
“For cybercriminals it is the perfect time to get a malware link to the anxious, and not very tech-savvy, end user wanting to know the latest Covid-19 news and information. One ill-informed action may be all that is required for ransomware to penetrate corporate defences from remote locations,” he says.
While highly secure corporate networks should be able to prohibit or at least identify unauthorised activities to ensure that data assets remain protected and services are uninterrupted, home-based wi-fi networks and 4G connections don’t have the benefit of corporate security policies and technologies, according to the report.
“Although it is in principle possible to secure these distributed onramps to the internet that have become central in the work-from-home context, protection of them is now the responsibility of each individual user and not corporate IT, and therein lies the danger,” Butler says.
– African News Agency