With multiple members of your team working from home or on furlough, can you be certain that none of them have a malicious threat on their device, ready and waiting to be unleashed on your corporate network?
As lockdown began, unprepared organisations scrambled to move quickly to a work-from-home model resulting in security weaknesses and distracted staff, which in turn led to easier targets for opportunistic hackers. To exploit the pandemic and people’s fear, attackers started to use CV19 themed malicious apps, malware attacks, and phishing scams.
One high profile example is an email purporting to be from HMRC, advising of a new tax refund programme for dealing with the outbreak. If the reader clicked on the included 'access your funds now' link, it would take them to a fake government webpage asking for all their financial and tax information.
Another email, claiming to be from the World Health Organisation, asked recipients to review an attached document on coronavirus safety measures. Upon opening this document, the unlucky victim’s device would be infected with AgentTesla Keylogger, a piece of malware that monitors all their online activity.
The latest breed of threats can easily go undetected, and the risk is increasing to such an extent that a warning was issued in a recently published report by McAfee.
McAfee’s CV19 Threat Report, published in July 2020, focuses only on cyber-criminal activities that are related to CV19 and the evolution of these cyber threats in the first quarter of 2020.
In the early stages of the pandemic, these malicious campaigns began on a small scale but quickly became a deluge of thousands of new threats every day. Within the report we can see that.
- PowerShell Malware, which bypass antivirus software by hijacking trusted tools instead of installing files for malicious activity, has had an increase of 1,902%.
- Malicious URLs with references to CV19 and coronavirus have spiked. The numbers increasing from 1,600 a few weeks ago to 39,000.
- Cloud services attacks have increased massively in the following sectors: Energy & Utilities +472%, Financial Services +571%, Manufacturing +679%, Government +773%, Education +1,114% & Transport & Logistics with a staggering increase of +1,350%.
Considering the ever-increasing sophistication and volume of these attacks, is traditional antivirus software enough in a post-covid world? Whilst antivirus has always been one of the most important cybersecurity layers, the threats are changing and adapting daily and must be dealt with by utilising next-generation security tools. For example, endpoint protection and network monitoring with artificial intelligence (AI) and machine learning can help organisations keep up with the constant evolution of threats.
Having a best-of-breed approach with security partners and security software may be the preferred choice for optimal protection. Capito partners with prominent vendors like Check Point and Barracuda who provide industry leading solutions that defends organisations from a wide variety of virus and malware threats delivered within email.
One of the most important layers of security, and often your network’s first line of defence against an attack, is your staff.
User awareness training on the most up-to-date threats can pay dividends and has become even more crucial as remote working becomes the new norm. To lead by example, Capito has set up an internal security newsletter that is sent to all staff. This proactive approach ensures that the team are aware of new and developing threats, and that they have guidance on the best practice in protecting both individuals and the company from attacks.
Now more than ever, cybersecurity awareness is critical for businesses to move forward in a post-covid world.
Many people may be anxious about safety and returning to the workplace. Overall, returning to ‘normal’ operations will not be simple or clear-cut. To deal with these new challenges, it will take teamwork, empathy, awareness, and collaboration. We are all in this together.
For more information on how Capito can help keep your own network secure, click here or email Andrew directly to discuss your own specific needs.