By Michael Connory, CEO, Security In Depth
COVID-19 (Coronavirus) is on track to become the largest ever cyber security threat to people working from home. Now more than ever, we must remain vigilant to avoid the risk of cyber attack.
What we are seeing
Over the past 30 days, we have observed 40,000 plus domains registered in relation to COVID-19.
We are also seeing:
- ‘threat actors’ sending waves of emails ranging from a dozen to over 200,000 at a time
- 70% of malicious emails delivered with malware, and 30% focused on credential stealing
- multiple domain sits purporting to be legitimate Microsoft or Google sites in an attempt to steal credentials.
In the past four weeks alone, there has been a 40% increase in attacks ranging from:
- credential phishing
- business email compromise
- malicious attachments and links
- fake landing sites
- downloading spam
- malware and ransom ware strains.
What we need to do
- Be especially wary of any email or other communications purporting to come from the Centres for Disease Control and Prevention (CDC.gov) and the World Health Organisation (who.int). Many of the phishing emails use the branding and trademarks of these two organisations as part of the lure, and this trend will continue as the outbreak grows
- Be wary of corporate branded emails. While many legitimate organisations will send emails regarding precautions that they are taking to minimise the threat of COVID-19, the use of legitimate corporate branding has been used to send malware to victims. The malicious emails often use language to create a sense of urgency.
- Ensure all anti-virus and anti-malware software is installed and up to date, and make sure all applications are patched, especially Microsoft and Adobe applications (your IT representative will be across this)
- Ensure two-factor authentication for your work at home devices is implemented and utilised
- Use a password manager, such as LastPass for free as a starting point
- Files need to be backed up and stored securely (preferably using Microsoft One Drive enabled with two-factor authentication).
With any queries, contact me – [email protected] – or your IT representative. We can all learn from, and help each other.