Even during a global pandemic, organizations, and individuals must remain vigilant of ongoing cybersecurity threats. Opportunistic cyber criminals are responsible for a global uptick in malicious cyber activity in recent months, whether they use the virus for context-dependent cyber attacks such as phishing campaigns or whether they perceive the increased work-from-home response to the pandemic as having relaxed cybersecurity controls, these attackers are willing to exploit the global panic for their own benefit. Many research organizations, news publications, and cybersecurity firms have noticed this dramatic increase in malicious activity and have found several recurring trends.
Trend 1: Cyber attacks are on the rise
According to Cloudflare, hacking and phishing attempts are up over 37%. Cloudflare also reports that there are days where they are blocking four to six times the normal amount of malicious traffic. While some security vendors, such as Barracuda Networks, have recorded a 600% increase in phishing attacks in the wake of the pandemic, which some have attributed to an increase in “recreational” hacking activity.
Trend 2: Hackers are offering their services at a discounted rate
According to CheckPoint Research, service-providing hackers on black-hat marketplaces have been selling their services at discounted rates with promo codes such as “COVID19”. This is remarkable in many ways, but it points to increased demand from hacker-for-hire marketplaces. CheckPoint seems to conclude that the increase of discount promotions and the burgeoning black-hat marketplaces is an attempt by a lot of professional hackers to accelerate their business growth with the opportunity of the pandemic and the perceived relaxed cybersecurity standards.
Trend 3: The banking industry is taking a beating
One of the most targeted industries, according to VMWare’s Carbon Black, is the banking industry, who has seen a 238% increase in cyber attacks since the start of the pandemic. Additionally, Carbon Black noted that the healthcare and banking industries experience 27% of the world’s cyber attacks. Ransomware has been a particularly prominent attack vector for the financial industry, reporting an increase in ransomware attacks by a factor of nine since February.
Trend 4: Health organizations are likely victims
The WHO reported in April that it has experienced a five-fold increase in cyberattacks directed at the organization. Unfortunately, some attempts seem to have been successful as 450 (thankfully out of date) WHO login credentials were leaked online. This five-fold increase is worrying because of the damage that could potentially be wrought on such a monumentally important organization who is responsible for coordinating the international response to the novel coronavirus pandemic. If critical WHO systems were to be affected by a highly destructive piece of malware, it could prove disastrous.
Trend 5: Increases in COVID related DNS registrations
Another worrying practice during the pandemic has been the increase in COVID-themed DNS registrations. Cyber criminals have been scrambling to register domain names containing phrases such as “coronavirus”, “covid19”, and “covid-19” for use in phishing campaigns. As a result, domain name registrars have been rejecting any customer looking to register a domain containing any coronavirus-related terms.
These trends are all concerning to those throughout the industry. Increasing malicious cyber activity is never a good thing, and with the current decentralized ad-hoc work-from-home environment many people find themselves in, it’s likely that individual employees will feel a disproportionate impact of the increased activity as more criminals target key work-from-home employees. In addition to the stress of the pandemic, organizations and individuals must also now deal with the increased pressure from cybercriminals who are eager to exploit the international pandemic for their own gain. For these reasons, it’s important that everyone employs cybersecurity hygiene best practices at all times and remain vigilant for possible cyber attacks.
