The total volume of phishing emails and other security threats related to the Covid-19 coronavirus now represents the largest coalition of types of cyber attacks around a single theme seen in a long time, according to according to Proofpoint, a corporate security company based in Sunnyvale, California, USA.
To date, attacks ranging from phishing for credential phishing, malicious attachments and links, commercial email compromise, fake landing pages, downloads, spam, malware and ransomware, all of which are linked to the rapidly spreading coronavirus.
The criminals send out waves of emails ranging from a dozen to over 200,000 at a time, and the number of campaigns is increasing. Initially one campaign a day was seen all over the world, now it's possible to observe three to four a day. This increase underscores how attractive global news can be to can be for cybercriminals and dangerous for companies and people. people.
A threat to critical market sectors
The current cyber threats related to global events, such as Covid-19, are deeply worrying as they seem to be mainly targeting critical market sectors such as healthcare, manufacturing and pharmaceuticals. pharmaceuticals.
The main strategy adopted by criminals using Covid-19 is social engineering at scale. at scale. They know that people are looking for security information and are more likely to click on potentially malicious links or download attachments.
Cybercriminals will continue to use the coronavirus as the crisis develops globally. develops globally. The widespread transition to remote working means that they will have a wider range of targets.
Security threats force awareness among users and companies
Rethinking security is essential for building a new cybersecurity strategy that will work now and in the future. The starting point is to recognize the need treat all devices and users as if they were really outside the company's firewall. firewall.
This approach approach allows the security and IT team to build application-specific protection and use application-specific use and protection standards, based on the security and data protection policies security and data protection policies best aligned with the applications used in the production environment and the the information it contains.
This also simplifies the problem, since developing security for specific applications is a finite is a finite problem, while trying to protect all types of devices, connection types and common locations across the entire employee group is endless. is endless.
Business business continuity and pandemic
So where should organizations should start when trying to anticipate security attacks related to the coronavirus pandemic or any other global event? event?
During a pandemic, organizations need their cybersecurity teams to be on the ball to to protect the organization from threats and alert users to phishing, ransomware and other malicious attacks targeting them and their business. business.
As remote work continues, protection teams should review their security policies that they may have relaxed to accommodate an increase in remote working. work. Careful analysis will be shown where vulnerabilities exist, controls and insist on a return to strong corporate and industry standards. standards.
IT must also reduce the risk posed by the home office in general, and can do so by by helping users to create a more secure environment.
From from wireless LAN access points to ensuring fast enough speeds and implementing cloud-based management wherever possible, organizations can use SMB tools to strengthen the security of workers outside the office. the office.
Context-aware security provides necessary protection for companies and users
The deployment of more effective defenses requires new approaches. Building a layer of individual products to protect thousands of individual devices is no longer an effective approach. no longer an effective approach.
Modern protection depends on smarter security processes and enforcement. And one of the most effective ways to implement an intelligent approach to security is to shift the focus from devices to users.
The aim is to find out how individual users consume technology and applications so that risk profiles for each user can be profiles for each user can be created based on this context. This approach, which makes security more effective, is security that is sensitive to the context.
In addition new generation security strategies are guided by personalized based on what each user normally does and what information and applications they regularly work with.
This user-focused security approach, guided by individual usage patterns, makes it possible to it possible to focus production environment protections on each user's interactions with the user's interactions with the systems and therefore simpler to identify activities \"off limits\" activities.
The context considered by security extends to an understanding of corporate data and security sensors, as each user interacts with different applications. interacts with different applications. This simplifies user and organization and guarantees the integrity of the various access methods.
Conversys can help your company reduce the risks and impacts of this global crisis. Contact contact our experts right now and find out about Aruba Networks' security, network management and connectivity solutions from Aruba Networks. We are to help you overcome this challenge.
About Conversys
Conversys IT Solutions is a provider of Information and Communication Technology services and solutions with operations throughout Brazil.
With a highly highly qualified technical and commercial team and a network of partners that includes the main global technology manufacturers, Conversys IT Solutions is able to deliver customized IT infrastructure and telecom solutions to clients. Telecom.
We invest in our employees and partners and strive for a long-lasting relationship with our clients, because we believe that this is how we gain the skills and knowledge we need to innovate and generate value for the businesses in which we operate.
About Aruba
ARUBA, a Hewlett Parkard Enterprise company, is redefining the smart grid with mobility and IoT solutions for organizations of all sizes globally.
Offering IT solutions that empower organizations to serve the Mobile Generation - mobile-savvy users who rely on cloud-based applications for all aspects of their work and personal lives - and to harness the power of insights to transform business processes. With infrastructure services offered as private or public cloud software, Aruba offers secure connectivity for mobility and IoT enabling IT professionals to create networks that keep pace with change.
