With so many employers conducting operations remotely due to the coronavirus pandemic, cyber-security may have never been as important for organisations to prioritise as it is now.
In addition to the increased amount of work, data, meetings and potentially sensitive information being communicated or conducted online, it is now known that cyber-criminals have indeed been attempting to take full advantage of the situation. According to an August report from INTERPOL, cyber-crime has seen a stark rise in frequency, as well as shifts in targets, since the beginning of the pandemic.
In recent months, cyber-criminals have made a noticeable change from targeting small businesses and individuals to large corporations, government bodies and critical infrastructure. As these organisations have implemented remote work systems and networks to assist employees working from home, cyber-criminals have been attempting to take advantage of new gaps in cyber-security systems.
INTERPOL’s report noted that since the start of the pandemic, the following cyber-crime patterns have been related specifically to COVID-19:
- Scams and phishing—Cyber-criminals have specifically preyed upon fear of the pandemic by utilising coronavirus-themed phishing emails and impersonating government or public health officials in order to coerce victims into revealing personal information.
- Ransomware—Cyber-attacks have also targeted critical infrastructure and health care providers. Criminals understand that these types of attacks can garner large ransoms due to the importance, impact and need for such targets to be able to operate efficiently.
- Data harvesting—Malware can be used by cyber-criminals to harvest data. This type of cyber-crime is also on the rise, with perpetrators using information related to COVID-19 to gain access to systems, networks and sensitive data.
- Malicious domains—Cyber-criminals have also been registering a large amount of fraudulent and malicious website domains, often including words likely to gain the attention of victims, like ‘coronavirus’ or ‘COVID.’ According to an INTERPOL private sector partner, there was a 569 per cent increase in malicious domain name registrations between February and March this year.
Contains public sector information published by the ICO and NCSC and licensed under the Open Government Licence. This blog is for informational purposes only. It is not intended to be exhaustive nor should any discussion or opinions be construed as compliance or legal advice. In relation to any particular problem which they may have, readers are advised to seek specific advice. Further, the law may have changed since first publication and the reader is cautioned accordingly. Content by Zywave, Inc. provided by TH March.