How ‘cyberhygiene’ can help us fend off cyber attacks during COVID-19

There are simple steps to stay safe in a pandemic; with a hike in opportunistic attacks, the same is also true for cybersecurity.
14 April 2020

The looming threat of AI-powered cyber attacks. Source: Pexels

Worldwide governments are doubling up efforts to curb the spread of the coronavirus, following guidelines from the World Health Organization (WHO) to deploy country-level policies and plans. 

The enactment of various measures to restrict non-essential travel and movement has significantly impacted the operations and organizations of various businesses.

Seizing the dual opportunity posed by societal anxieties and concerns over health, finances and availability of good and services, and the business security vulnerabilities attached to operational disruption and home working, cybercriminals have swarmed. 

Striking in the midst of chaos

Scott Watnik, a cybersecurity attorney from law firm Wilk Auslander recently shared with TechHQ that the mass panic and fear surrounding COVID-19 makes it “an optimal psychological angle for cybercriminals to exploit.

“When people are constantly concerned or stressed about this health crisis, they are more prone to be lax with respect to cybersecurity.”

The increased anxiety has monumentally lowered the guards of the public when it comes to engaging with seemingly related content and campaigns. 

Striking in a global crisis on this scale and magnitude is so effective, it seems, that cybercriminal rings are even emerging from dormancy to capitalize on it.

Recognizing the effectiveness of pandemic-themed context as bait, a myriad of cybercriminal  is emerging from inactivity.

On that note, Derek Manky of FortiGuard Labs, told SiliconANGLEGroups that we haven’t seen active since about 2011, 2012, malware campaign authors, they’re riding this bandwagon right now.”

Europol has also monitored the surge in cybercrime and released a new report detailing a plethora of high-profile cases that have directly affected the safety of public organizations and even led to significant financial losses. 

One of the cases involved a fraudulent transfer of US$7.2 million between two companies in Singapore for the acquisition of alcohol gels and face masks, in which the goods were never received. 

Investigating and analyzing the latest dynamics and adapted strategies of criminal activities online, EU Member States are ramping up efforts to combat the new threats. 

The remote working challenge

While government and international organizations’ efforts in combating cybercrimes are manifold, a community of remote workers are placed in vulnerable situations due to a lack of readiness. 

According to a survey by Cyber Readiness Institute (CRI), up to half of small and medium enterprises (SMEs) do not have a cybersecurity manual to go in line with remote working policies. It’s troubling, with about 40 percent of employers revealing economic uncertainty in the current climate as a major contributor to low investment in cybersecurity tools

With already reduced tech budget and spent, companies are met with the reality of a climb in cyberattacks.

Kiersten Todt, managing director of CRI, remarked that small businesses are most affected since resources and revenues are unpredictable.

The report also showed that only 46 percent of businesses provide training to prepare workers for remote working. The number declines to 33 percent for organizations with less than 20 employees.

Even though budgets are kept tighter than ever, Todt highlighted the cultivation of “cyberhygiene” and online social distancing in combating the hike in cyberattacks. 

“The best way to prevent the spread of COVID-19 is by doing the basics like washing your hands. Similarly, the cyberhygiene basics will go a long way in keeping small businesses resilient in this time of increased threats,” Todt said in its site

In the same vein, Catherine de Bolle, the executive director of Europol, also advised remote workers to “protect your computer as you protect your house.”

Bolle emphasized on bad actors’ intention to profit off the high demand for masks and gloves by tricking users online through emails and other forms of digital communication.