Blog 09 April 2020

Cyber Security: Coronavirus is Christmas Come Early for Hackers

Cyber criminals are social chameleons – constantly adapting and searching for opportunities to use their technical expertise to exploit primal emotions.

With the widespread outbreak of COVID-19, people are afraid and hungry for information. At the same time, employees around the world are relying more than ever on technology and Virtual Private Networks (VPNs) to work remotely. As a result, the pandemic offers unmatched technical and psychological vulnerabilities for cyber criminals to prey upon.

In a rare joint alert this week, the U.K. National Cyber Security Centre (NCSC) and the U.S. Department of Homeland Security (DHS) warned of this escalating threat. Attackers are capitalizing on human concern and desperation by spoofing authorities like the World Health Organization and using the guise of emergency COVID-19 updates in phishing campaigns, according to the alert. Additionally, threat actors are increasingly targeting newly popular remote working tools, such as Zoom and Microsoft Teams.

Recent events validate these concerns. In February, IBM’s X-Force cyber security unit identified an email campaign claiming to contain coronavirus information but delivering the Emotet Trojan. Similarly, a recent whitepaper by the Nokia Threat Intelligence Center noted hacks ranging from malware specifically created or modified to fit the COVID-19 theme to social engineering campaigns with phishing emails. Several U.S. state attorneys general have launched a joint investigation of Zoom’s security measure in the wake of disturbing “zoombombing” attacks, which have included porn and racial slurs. Click rates on phishing emails are almost three times as high among those working from home, without the protection of company firewalls or antivirus programs. Scam websites offering medical “cures” or overpriced personal protection equipment, such as face masks, are on the increase, and cyber criminals have even sent out fraudulent emails posing as the WHO or CDC, requesting passwords and Bitcoin donations to fund alleged vaccine projects.

Accordingly, it has arguably never been more important for organizations to re-educate employees on cyber risks and ensure they have up-to-date playbooks for responding to cyber-incidents. The NCSC and DHS alert provides a listing of 2,500 known Coronavirus-related cyber threats and offers a number of specific threat mitigation recommendations. In addition to this advice, we would like to recommend a number of additional steps organizations should consider from a communications perspective:

  • Communicate clear and mandatory IT security rules from data protection to installing new apps or programs to securing your home WiFi. Communications teams should collaborate closely with IT departments to develop precise and easy-to-understand instructions and procedures for those working from home. These must be framed as requirements not mere guidance.
  • Establish a recurring update on cyber risks. As the threat landscape is rapidly evolving, it is important to establish a cadence of regular employee communications. Such updates can be distributed via your intranet or as a weekly email update.
  • Leverage easily digestible visual content, such as videos and infographics to communicate about cyber threats. With the additional pressures and distractions presented by working from home, visual content is more likely to be consumed and comprehended than lengthy text.
  • Update crisis response plans and strengthen your crisis readiness through virtual trainings. As most organizations now have fully remote workforces, companies won’t have the luxury of assembling their cross-functional response teams together in physical “war rooms.” Now is the time to stress-test your company’s ability to respond to a crisis virtually—to confirm communication mechanisms are in place and roles and responsibilities are well-understood

It’s important to remember that your employees and contractors will have bigger concerns than cyber security at this time. Rather than providing an additional source of anxiety, this is an opportunity to provide guidance and highlight the role the entire organization plays in cyber security. The outbreak of COVID-19 has reminded us all that prevention is the best defense. By following the steps outlined above, communicators will be better prepared to protect their organizations in this heightened cyber threat landscape.