The coronavirus pandemic triggered a wave of digital transformation with companies across the globe bring their businesses online. While this has opened new opportunities for businesses, the pace or transformation has resulted in an increase in cybercrimes as attackers continue to take advantage of our greater reliance on the virtual world. Now that organizations are planning and implementing their recovery strategies, there is one form of business that has exploded - the creation and use of malicious software. Users across the world have fallen victim to cyber-criminals. The most common attack being that of “Ransomware”. While Ransomware is nothing new, the ways in which it is being used and spread is.
The change from in-person meetings to online video-conferencing calls was exploited by cybercriminals to launch ransomware attacks by crashing video calls and baiting users with malicious domains proponing to be the video-conference company. Of course, the links on the fake domains download malware. A significant new cyber-tactic that has emerged is ‘double extortion’. A technique in which cybercriminals, who are frequently part of a collective, extort additional money by threatening to leak sensitive data that was extracted prior to encrypting the systems. The cybercriminals were merciless, attacking health care systems, hospitals, national infrastructure, as well as their “traditional” targets of companies and individuals. No target is considered to be “off limits”.
According to the 2020 Malwarebytes state of malware report, the Lockdown saw a substantial rise in the use of Stalkerware - a monitoring software that can be best described as an unethical spyware used for stalking. Often deployed by people to spy on their partners, the software once installed lets the user access personal information ranging from the victim’s location, private photos and videos, emails, texts, and recorded phone conversations. The period between January – December 2020, saw a 565% spike in malware detections. Spyware app detections at the same time grew by 1,055%. The Pandemic itself also created new challenges to digital privacy. Governments and organizations employed digital contact tracing in an attempt to contain outbreaks. This presented a new challenge for privacy professionals. Can we have effective contact tracing while maintaining personal privacy? With the number of contract training schemes that were scrapped or extensively redesigned then it would be safe to assume the answer to that question is “probably no”. In understanding how a cybercriminal operates we can refer to Lockheed Martin’s “The Cyber Kill Chain”, This provides a simple understanding of the steps that a hacker takes.
Playing to Fears and Getting Hooked
After a cybercriminal has completed the first two steps of the The Cyber Kill Chain® the next step is to “deliver” the malware. Here the cybercriminal has a new set of opportunities; pandemic fears. Any event that can exploit fear, confusion, or any high emotion to get potential victims to click on links or open attachments is used. Malevolent phishing is posted as health advice, pandemic updates or even appeals for help from well-known organizations.
Thank you, and Goodnight
Once the victim has been enticed to “click-the-link” or open the attachment, then the ingenious and cleverly crafted payload is deployed. Just like a virus in our body, the cybercriminals “virus” searches for a weakness and exploits that by deploying its own “DNA” on to the system, now it can take control and perform the actions that attacker wants. This is the final goal for every cybercriminal.
Your device needs vaccination too
The vaccine that can help protect your devices is patch updates. These patch updates contain fixes for known exploits and vulnerabilities on the device they are updating. This help breaks The Cyber Kill Chain®. It is recommended by manufacturers that patch updates should be set to automatic in order to automatically update and protect your devices. Similar to how the COVID -19 vaccination does not guarantee a 100% protection, device vaccination also goes only so far, but it does not mean you should not attempt to protect your devices. Additionally, the most effective step is to be prudent while using your devices and not blindly clicking on the “OK” button or link when random pop-ups appear on the screen. Being attentive and mindful has been proven to avert most attacks and prevent you from becoming part of the chain of compromise. This is the digital equivalent to washing your hades and wearing a mask!
For organizations, cybersecurity is even more important as most employees today are connected from homes using their home Wi-Fi networks that usually have weaker protocols (WEP instead of the more commercially used WPA-2, for example). This not only makes devices directly vulnerable, but also exposes them to hacks on other personal devices connected on the same network, such as mobile phones, digital assistants, smart appliances, etc. Pre-empting, preparing, and spreading awareness will go a long way in reducing risk. While staying home and being virtually connected does help keep one in staying physically safe from COVID-19, it surely increases the chances of becoming a cybercrime victim. So, break the chain and protect your personal devices to avoid getting hit by a virus of a different kind.
About The Author: Barry Cook is VFS Global’s Group Data Protection Officer and is in charge of ensuring the organization’s compliance with Data Privacy & protection legislation across all locations of operations.