The number of attacks against organizations has grown exponentially, reaching a high at the end of April with the spread of the Coronavirus.
But according to assessments by the World Economic Forum (WEF), hacking and phishing attacks are likely to become the new norm for many companies, even as the pandemic infection rate begins to decline.
Basically, companies are most concerned firstly about Covid-19 causing a prolonged recession in the economy, and secondly about increasing bankruptcies in companies of all sizes.
Third, companies are most concerned that the sudden increase in remote working could lead to an increase in cyber attacks and data fraud, according to the Covid-19 risk survey by the WEF, which targets a preliminary mapping in its implications report.
The coronavirus outbreak has led companies and governments to deploy technologies at an unprecedented rate amplifying the risk of attacks
In the health service, for example, IT projects that would normally take years have been rolled out in weeks, from developing contact-tracking applications to systems that allow an army of medical workers and staff to track contacts of people who have been infected by Covid-19.
Cybercriminals have taken the opportunity to attack organizations while they are focused on the aftermath of the pandemic. It is simply that organizations are more vulnerable, both in terms of new modes of operation and the level of distraction of their technical staff.
Working from home was the first challenge to be faced by companies
A huge expansion in the number of employees working from home, often using virtual private networks (VPNs) that may lack adequate safeguards, has increased the "attack surface" for hackers.
There has been an increase in email phishing attacks, malicious keylogger attacks, and the distribution of password-stealing software that has put not only the operations of companies but especially customers at risk.
Having a strong cybersecurity culture at work is one thing, but trying to replicate that for the employees working in your living rooms is not simple.
This can lead staff to take risks that they would not consider in an office setting, perhaps without proper planning. In addition, companies facing financial difficulties, which are forced to lay off or provide staff, face additional pressures.
This exposes companies to cyber threats from their own employees, from those who have some sort of "grudge" against the organization because of the way they are being treated, or even from those who are a bit more disgruntled and detached and therefore a bit more casual in their behaviors.
Critical Infrastructure under Attack
Companies that provide critical services, such as in the gas or power generation sector, and that are not used to working remotely are among the most vulnerable.
There are smaller companies in the supply chain that do not necessarily have the advanced security features of some large organizations. As a result, hackers are targeting them precisely to exploit security vulnerabilities.
The pandemic exposed gaps in companies' supply chains, and organizations responded by moving work to new vendors or bringing work in-house at a rapid rate, creating even more room for cyber attacks.
Anything that changes the supply chain involves new parties, new relationships, new access points, and therefore inevitably creates new exposures. And this will continue during and after the pandemic.
Future Challenges for Companies
Research by the company Check Point suggests that coronavirus-related attacks peaked in late April 2020 and are now on the decline.
However, cyber threats are likely to remain at high levels for some time to come. After gaining access to a network, hackers can install malware that they can choose to activate at any time.
It can take months or years before a company realizes it has been hacked. At the same time, companies are stretched financially, with many just surviving the crisis.
Therefore, those who work from home should be constantly reminded of the risks, perhaps by means of a weekly e-mail warning about the latest suspicious phishing e-mails.
In addition, continuing to educate employees about attack threats remains the main suggestion for avoiding phishing attacks, but better email filtering may also be a viable option, considering the similarity in current phishing techniques.
Conversys can help your company reduce the risks and impact of this global crisis. Contact our experts now to learn more about Aruba Networks' security, network management and connectivity solutions. We're here to help you meet this challenge.
About Conversys
Conversys IT Solutions is a provider of Information Technology and Communication services and solutions acting all over Brazil.
With a highly qualified technical and commercial team and a partner network that includes the main global technology manufacturers, Conversys IT Solutions is able to deliver customized solutions for IT Infrastructure and Telecom to its clients.
We invest in our employees and partners and strive for a long-lasting relationship with our clients, because we believe that this way we gain the skills and knowledge necessary to innovate and generate value to the businesses in which we operate.
