Phishing has been one of the favorite modes of cyber-attack employed by malicious actors for years. COVID-19 has given it a fresh lease of life, providing these threat actors with a pretext to ramp up their phishing efforts to an entirely new level. Here are some chilling statistics that drive home the point.
- Phishing emails surged by a staggering 667% in a single month, from February to March 2020.
- January 2020 saw 137 reported incidents; the figure rose to 1,188 in February and 9,116 in March.
- The break-up shows 54% of these phishing attacks were scams, 34% impersonation attacks, 11% blackmail, and 1% business email compromise (BEC).
Phishing attacks have increased, and much of this increase can be attributed to individual negligence and lack of awareness, and to the failure of organizations to build the necessary controls around their information assets.
Phishing During COVID-19
Globally, it has been accepted that a complete lockdown is one of the most reliable ways to halt the pandemic in its tracks. With lockdowns enforced, nobody could travel, and this situation gave rise to a new breed of worker: the virtual workforce, employees who work from home.
Working from home means teleworking, which relies on email as one of its primary communication channels, so email traffic has surged to unprecedented levels during COVID-19. Phishing also spreads by email. The increase in email traffic has provided the perfect breeding ground for the rise in phishing attempts by malicious actors.
Here is how these threat actors take advantage of the situation and indulge in cybercrime.
- Phishers play on the fears of unsuspecting people and trick them into revealing their personally identifiable information (PII).
- Alternatively, they entice users to click on malicious links or open malicious attachments, which download malware, in some cases ransomware that locks the victims out of their systems.
- The malicious actors impersonate governmental organizations, health ministries, public health centers, and even heads of government to pass themselves off as reliable sources.
- Because these phishing emails look authentic, often carrying the impersonated organization's logos, people unwittingly fall prey to them and end up compromising their PII.
How Do These Scammers Operate?
Before discussing the cybersecurity challenges organizations face and the steps needed for protection, one should know how these scammers operate.
- They send innocent-looking emails carrying malicious attachments or links and entice people to open them.
- These messages appear to originate from a reputed and authentic source, so people take the bait and click on the links or download the attachments onto their computers.
- The malware then runs on the victim's machine, logs keystrokes, harvests personal and financial information (such as bank account or credit card details), and can spread to other systems on the network. The final step of this scheme is the victim suffering identity theft and substantial data loss.
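The impersonation tricks listed above (a borrowed brand name and logo, a sender domain that merely resembles the genuine one, a Reply-To that goes somewhere else, link text that shows one address while the link points to another, and pressure language) can be checked mechanically before a user ever clicks. The following Python script is an added example, not code from the original article or from any vendor product it mentions; the sample message, the lookalike domains and the URLs in it are constructed for illustration and are not real phishing infrastructure.

```python
"""Heuristic phishing indicators for one raw RFC 822 message (added example)."""
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample: the display name and logo claim WHO, but the sending
# domain, Reply-To and the first link all point somewhere else.
SAMPLE_EMAIL = """\
From: "World Health Organization" <alerts@who-int-update.com>
Reply-To: collect@mail-desk-support.com
Subject: URGENT: COVID-19 safety measures - action required
Content-Type: text/html

<html><body>
<img src="cid:who-logo">
<p>Please verify your details immediately to receive the safety guide.</p>
<a href="http://who-int-update.com/verify?id=1">https://www.who.int/emergencies/diseases</a>
<a href="https://www.who.int/">WHO website</a>
</body></html>
"""

# Constructed benign message for comparison.
BENIGN_EMAIL = """\
From: "IT Helpdesk" <helpdesk@example.com>
Subject: Monthly newsletter
Content-Type: text/html

<html><body><p>The newsletter is attached.</p>
<a href="https://intranet.example.com/news">https://intranet.example.com/news</a></body></html>
"""

URGENCY_WORDS = ("urgent", "immediately", "action required", "verify your")


class LinkExtractor(HTMLParser):
    """Collects (href, visible text) pairs for every <a> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable(host):
    """Crude 'last two labels' approximation of the registrable domain."""
    parts = host.lower().split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


def host_of(url):
    """Hostname of a URL, tolerating link text written without a scheme."""
    return (urlparse(url if "://" in url else "http://" + url).hostname or "").lower()


def looks_like(host, trusted):
    """True when host imitates trusted (e.g. who-int-update.com for who.int)
    without being that domain or one of its subdomains."""
    host = host.lower()
    if host == trusted or host.endswith("." + trusted):
        return False
    variants = {trusted.replace(".", "-"), trusted.replace(".", "")}
    return any(v in host for v in variants)


def html_body(msg):
    """Decoded text/html part of the message, or '' if there is none."""
    parts = msg.walk() if msg.is_multipart() else [msg]
    for part in parts:
        if part.get_content_type() == "text/html":
            raw = part.get_payload(decode=True)
            return raw.decode(part.get_content_charset() or "utf-8", "replace")
    return ""


def phishing_indicators(raw, trusted_domains=("who.int",)):
    """Return human-readable findings; an empty list means nothing suspicious."""
    msg = message_from_string(raw)
    findings = []
    _, from_addr = parseaddr(msg.get("From", ""))
    from_host = from_addr.rpartition("@")[2].lower()
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    reply_host = reply_addr.rpartition("@")[2].lower()

    # 1. Sender domain merely resembles a trusted brand's domain.
    for trusted in trusted_domains:
        if looks_like(from_host, trusted):
            findings.append(f"sender domain {from_host} imitates {trusted}")
    # 2. Replies are routed to a different domain than the apparent sender.
    if reply_host and registrable(reply_host) != registrable(from_host):
        findings.append(f"Reply-To domain {reply_host} differs from From domain {from_host}")

    # 3. Link text shows one site while the href points to another; 4. link to a lookalike.
    body = html_body(msg)
    parser = LinkExtractor()
    parser.feed(body)
    seen = set()
    for href, text in parser.links:
        href_host = host_of(href)
        if re.match(r"(https?://|www\.)", text, re.I) and registrable(host_of(text)) != registrable(href_host):
            findings.append(f"link text shows {host_of(text)} but points to {href_host}")
        for trusted in trusted_domains:
            if href_host not in seen and looks_like(href_host, trusted):
                findings.append(f"link target {href_host} imitates {trusted}")
        seen.add(href_host)

    # 5. Pressure language in subject or body (two or more cues).
    haystack = (msg.get("Subject", "") + " " + re.sub(r"<[^>]+>", " ", body)).lower()
    hits = [w for w in URGENCY_WORDS if w in haystack]
    if len(hits) >= 2:
        findings.append("pressure language: " + ", ".join(hits))
    return findings


if __name__ == "__main__":
    for name, mail in (("sample", SAMPLE_EMAIL), ("benign", BENIGN_EMAIL)):
        print(name, phishing_indicators(mail) or ["no indicators"])
```

Each heuristic on its own produces false positives (legitimate mailing lists also use a different Reply-To, and marketing mail is full of "act now"), which is why the script reports a list of findings rather than a verdict; in a real mail gateway these would be weighted together with authentication results (SPF, DKIM, DMARC) and reputation data. Note also that `registrable()` is a two-label approximation that is wrong for suffixes such as `.co.uk`; a production implementation would use the public suffix list.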
Cybersecurity Challenges Facing Organizations
With the global pandemic showing no signs of abating, organizations are at a crossroads when it comes to doing business. They face tremendous challenges on both the business and information security fronts.
- Though beneficial to the business, the virtual workforce has opened up multiple avenues for cyberattacks because of its dependency on unprotected personal devices and unsecured home networks.
- The vulnerable virtual workforce is the 'People' part of PPT (People, Process, and Technology) and is therefore prone to social engineering attacks.
- SOCs (Security Operations Centers) are feeling the heat and operating with impaired visibility: with the whole workforce suddenly remote, established baselines no longer apply and almost every event looks anomalous, and not all anti-phishing solutions deliver what they promise.
- Cybercriminals have widened their net and are targeting critical business assets, both to exploit vulnerabilities now and to prepare for future attacks.
- Sectors such as healthcare and finance have been hit hard by ransomware and by DDoS attacks aimed at disrupting connectivity, as these sectors have generally been observed not to adopt very high standards of cybersecurity.
How Can Organizations Stay Safe And Relevant In The Post-COVID Era?
The lockdowns will not be forever. Restrictions are being gradually lifted, and the economies are showing signs of opening up. Under such circumstances, one can expect a significant change in the way people do business. Some of the most significant changes could be:
- Increased reliance on the virtual workforce
- Accelerated migration to cloud-based services
- Enhanced usage of online collaborative tools
- A manifold increase in e-commerce activities
- An expansion of cyberattacks because of increased teleworking
- A greater focus on enterprise resilience
To adapt to these changes, businesses should focus on the following areas.
Secure Teleworking Solutions
Organizations should maintain cybersecurity controls for the virtual workforce. These measures include secure email solutions, VPN access, identity and access management for the remote workforce, mobile device management (MDM) solutions, etc.
Ensuring A Backup Plan
Organizations should implement robust Business Continuity Planning (BCP) and Disaster Recovery (DR) plans, along with a well-configured and regularly tested backup plan, so that they can bounce back in case of an attack.
Implementing the best anti-phishing solutions
Organizations should implement phishing protection solutions that also provide email backup, advanced threat defense, and email impersonation protection.
Have a robust cybersecurity policy
Existing cybersecurity policies need a thorough makeover because risk perception has changed post-COVID-19. Organizations should insist on controls such as multi-factor authentication, single sign-on, and automatic logout of unattended devices.
Revamp BYOD Policies
As the virtual workforce will increasingly use its own devices, organizations should revamp their BYOD (Bring Your Own Device) policies to ensure adherence to the norms laid down in the cybersecurity policy.
Cyber Incident Response Plan
As the frequency of cyberattacks increases post-COVID, organizations should not be caught unaware. They should formulate a cyber incident response plan to ensure quick response, recovery, and business continuity.
Phishing simulation and training
Phishing attack simulation and phishing awareness training can help employees understand what to look for and be more attentive when judging the authenticity of an email.
Third-Party Risk Management
A trusted third-party vendor or solution provider who understands the organization’s unique computing environment and requirements can go a long way in safeguarding your information assets.
Have a Cyber Insurance Policy
Despite all possible security measures, cyberattacks can still happen and can result in financial or reputational loss to the organization. Businesses should therefore cover these losses by investing in cyber insurance.
With the entire world reeling under COVID-19, businesses have taken a severe hit. Many organizations have employees working from home, thereby giving rise to a virtual workforce. Cybercriminals have seized on this opportunity to increase their footprint and carry out phishing attacks with impunity. Statistics show that there has been a manifold increase in phishing and other cybercrime-related activities. Therefore, organizations should formulate effective cybersecurity policies and implement advanced anti-phishing solutions that can address today’s challenges and help them to stay safe and relevant in the post-COVID-19 era.