Increases in cyberattacks and ransom amounts are expected during the pandemic.
As the coronavirus pandemic continues, one thing organizations can count on is cybercriminals making the most of this stressful and uncertain time by expanding the scope and capabilities of their attacks.
Many companies and government agencies already have sent employees home to work remotely in response to concerns about the coronavirus, and thousands more likely will follow suit until concerns about the contagion ease. The International Association of IT Asset Managers (IAITAM) is warning that most employers may have rushed into making their decision without thinking through how to secure their most sensitive data.
“We always say that you can’t manage what you don’t know about and that is going to be a truth with nightmare consequences for many companies and government agencies struggling to respond to the coronavirus situation,” said Barbara Rembiesa, IAITAM’s CEO. “The impulse to send employees home to work is understandable, but companies and agencies without business continuity (BC) plans with a strong IT asset management (ITAM) component are going to be sitting ducks for breaches, hacking and data that is out there in the wild beyond the control of the company.”
To learn more about the increased risk during the coronavirus pandemic, we spoke with Tyler Moffitt, Webroot‘s security analyst, Alex Willis, BlackBerry‘s vice president of sales engineering and ISVs, and Scott Barlow, Sophos‘ vice president of global MSP.
Moffitt said he doesn’t see cybercriminals “being nice to us” during this difficult time of quarantine and pandemic outbreak.
“If anything, we will only see an increase of attacks and ransom amounts since this is when infrastructures of modern civilization are needed most, but have the least amount of time to react and debate on paying or negotiating the price,” he said. “Also, many of the cybercriminals who breach and ransom as a side job are now forced to either work from home or their shifts are completely canceled, leaving them with more time and motivation to make up their income elsewhere. This is a prime circumstance for increased cyberattacks, and individuals and businesses should be hyper aware of their behavior both online and offline.”
The risk of business email compromise (BEC) rises when people are out of the office and in different locations from normal, Moffitt said. Individuals who are responsible for sending payments or purchasing gift cards are targeted through spoof email accounts impersonating company executives or familiar parties, trying to trick victims into giving up wire transfers, credentials, gift cards and more, he said.
There’s been a reported increase in attacks on hospitals, email phishing campaigns and malware-infected Covid-19 mapping applications, Willis said.
“We see additional risk in the massive work-from-home transition,” he said. “Hackers know people are working from home on personal…