2020 Q2 - Cyber Threats Continue Alongside Pandemic

It is safe to say that the year 2020 will be quite memorable for everyone who lived through it. The first quarter of the year was odd to say the least - Bush fires ravaged the continent of Australia, talks of "World War III" were rumored with back and forth strikes between the U.S. and Iran, and the first cases of the novel Coronavirus were reported, causing countries around the world turn to unprecedented lockdown of citizens. While the bush fires thankfully subsides and talks of a third World War went to the wayside, the pandemic has continued into and beyond the second quarter of this wild year. Below, we'll take a look at some of the major areas which were prevalent during this second 3-month period of quite a strange year.

Work From Home Vulnerabilities

This second quarter was the first full quarter of 2020 which occurred amidst the COVID-19 pandemic. With it, many COVID-related cyber threats emerged along with many other opportunistic attacks on the unsuspecting work force which was overwhelmingly forced to leave their offices and work from home. While this was a seemingly excellent alternative to keep businesses operational during these uncertain times, it also presented a plethora of vulnerabilities to individuals and companies alike.

Most of the communication being utilized for work, now more than ever, is email. Malicious actors are disguising themselves as a company's trusted and legitimate HR representatives in order to steal sensitive employee data and use that contact as a way to breach any security measures the business might have. Not only this, but many malicious actors would use these connections to hack into individuals' home networks.

Not only are home networks and devices less secure, but studies show that employees themselves tend to take cybersecurity as less of a serious threat while working from home. Half of employees self-reported that they cut corners when it comes to the company's standards for security best practices. Also incredibly scary and shocking is that nearly half of all employees working remotely had malware on their computers which they used for work. This is partly due to that fact that not all employers can afford to give their employees work-provided laptops. Late into Q2, many businesses decided that they may attempt returning to offices in some form or another. For those employees which were provided with company devices, further security threats exist during this return to work period, as any threats or vulnerabilities which may have made their way onto said computers could then threaten the entire company network.

Zoom & Its Major Cyber Risks

When we were all forced into lockdown, of course we all wanted to maintain communication with friends, family, and coworkers even while at home. The preferred method for many people to meet professionally and personally was Zoom, a company that seemed to pop up out of nowhere right when we needed them. However, the company was exposed as having extreme security flaws. Random hackers would show up in people's personal, professional, and school Zoom meetings, showing privacy was very much lacking in this program. On top of this, it was discovered that there was also a security flaw which allowed for anyone you chatted with to steal your Windows Login credentials. If this was not enough of a reason to choose a different means of virtually communicating, over 500,000 Zoom account details were stolen and sold on the dark web just last month. While staying in touch is essential for us to all feel normal, more secure options for meeting -- particularly for work -- may be better for protecting your companies data.

COVID- themed Cyber Attacks

Phishing

Coronavirus phishing scams came about in the latter part of the first quarter, particularly when the entirety of the country was hanging on every word of each announcement coming out of the CDC and WHO - scammers tried to dupe many people into clicking on false news updates disguised as legitimate emails. As the cases of COVID-19 grew, so did the targeted phishing scams, where there were instances of COVID-19 themed attacks, Zoom attacks claiming to have information on the virus, and the aforementioned attacks on remote workers. Phishing grew more and more throughout this entire pandemic, and it is likely to continue as the world remains inconstant.

Malware

Back in December of 2019, the term Coronavirus sounded like the type of thing a person calls out of work for when they've had too much of a particular type of beer and they're trying to sound clever. Now, we can't turn anywhere without seeing something about it. In late-March, there were even emerging malware named after the virus; An increase of 30,000% in Coronavirus-related malware was seen in mid-April of this year.

Ransomware Against Hospitals

Not only did cyber criminals decide to capitalize on people's fear via malware, but ransomware attacks grew during this time as well. The malicious actors found their primary targets in the poor hospitals which were fighting the virus head on. It also appears that these malicious cyber criminals were targeting smaller hospitals who were perceived to have less strong cyber defenses. One such hospital in Colorado was hit by a ransomware attack right when that state had seen maximum cases of the virus. The attack “rendered inoperable” the Pueblo, CO hospital’s systems for saving and storing patient PII (personally identifiable information), forcing the establishment to revert to utilizing only paper forms, a much less efficient and modern process. This is just one example of the sort of mayhem that has been hitting medical facilities across the globe.

IRS Phishing Scams

The pandemic not only shifted our lives online and changed the way we operate in society, but many events were either cancelled or postponed due to the abrupt situation Coronavirus put us in. One of these which impacted all Americans was the delayed tax deadline, moved from April 15th to July 15th. Tax-related scams are always prevalent each year when the deadline approaches, and 2020 is no exception; in fact, many new attacks came about due to both the prolonged time period leading up to the deadline as well as Coronavirus fear. One of these cyber attacks involved cyber criminals impersonating QuickBooks leading up to the delayed tax deadline of July 15th; this particular attack targeted companies and their CEOs with a seemingly legitimate email which contains a malicious attachment, masquerading as a typical monthly invoice. On top of this, targeted attacks toward individuals where scammers claim to be the IRS and reach out to people directly via phone or email to try and dupe them into handing over money and/or personal information.

Image created with Canva for Tego Cyber.