The number of attacks against organizations has grown exponentially, reaching an all-time high at the end of April with the spread of the Coronavirus.
But according to assessments by the World Economic Forum (WEF), hacking and phishing attacks are likely to become the new norm for many companies, even as the pandemic infection rate begins to decline.
Basically, companies are more concerned firstly about Covid-19 causing a prolonged recession in the economy and secondly about the increase in bankruptcies in companies of all sizes.
Thirdly, companies are most concerned that the sudden increase in remote working could lead to an increase in cyber attacks and data fraud, according to the WEF's Covid-19 risk survey, which targets a preliminary mapping in its implications report.
The coronavirus outbreak has led companies and governments to deploy technologies at an unprecedented rate, increasing the risk of attacks
In the health service, for example, IT projects that would normally take years have been launched in weeks, from the development of contact tracing apps to systems that allow an army of workers and medical staff to trace contacts of people who have been infected by Covid-19.
Cybercriminals have seized the opportunity to attack organizations while they are focused on the consequences of the pandemic. It's simply that organizations are more vulnerable, both in terms of new modes of operation and the level of distraction of their technical staff.
Working from home was the first challenge companies had to face
A huge expansion in the number of employees working from home, often using virtual private networks (VPNs) that may not have adequate protections, has increased the "attack surface" for hackers.
There has been an increase in email phishing attacks, malicious keylogger attacks and the distribution of password-stealing software that has put not only companies' operations at risk, but especially their customers.
Having a strong cybersecurity culture at work is one thing, but trying to replicate this for the employees working in your offices is not simple.
This can lead staff to take risks that they might not have considered in an office, perhaps without proper planning. In addition, companies facing financial difficulties, which are forced to lay off or provide staff, face additional pressures.
This exposes companies to cyber threats from their own employees, from those who have some kind of "grudge" against the organization because of the way they are being treated, or even from those who are a little more dissatisfied and detached and therefore a little more casual in their behavior.
Critical infrastructure under attack
Companies that provide critical services, such as the gas or power generation sectors, and which are not used to working remotely, are among the most vulnerable.
There are smaller companies in the supply chain that don't necessarily have the advanced security features of some large organizations. That's why hackers are targeting them to exploit security vulnerabilities.
The pandemic has exposed gaps in companies' supply chains, and organizations have responded by transferring work to new suppliers or bringing work in-house at rapid speed, creating even more room for cyber attacks.
Everything that changes the supply chain involves new parties, new relationships, new access points and therefore inevitably creates new exposures. And this will continue during and after the pandemic.
Future challenges for companies
Research by Check Point suggests that coronavirus-related attacks peaked at the end of April 2020 and are now on the decline.
However, cyber threats are likely to remain at high levels for some time. After gaining access to a network, hackers can install malware that they can choose to activate at any time.
It can take months or years before a company realizes it has been hacked. At the same time, companies are stretched financially, with many just surviving the crisis.
Therefore, those who work from home should be constantly reminded of the risks, perhaps through a weekly email warning of the latest suspicious phishing emails.
In addition, continuing to educate employees about attack threats remains the main suggestion for avoiding phishing attacks, but better email filtering may also be a viable option, considering the similarity in current phishing techniques.
Conversys can help your company reduce the risks and impacts of this global crisis. Contact our experts now and find out about Aruba Networks' security, network management and connectivity solutions. We are on hand to help you overcome this challenge.
About Conversys
Conversys IT Solutions is a provider of Information and Communication Technology services and solutions operating throughout Brazil.
With a highly qualified technical and commercial team and a network of partners that includes the main global technology manufacturers, Conversys IT Solutions is able to deliver customized IT and Telecom Infrastructure solutions to clients.
We invest in our employees and partners and strive for a long-lasting relationship with our clients, because we believe that this is how we gain the skills and knowledge we need to innovate and generate value for the businesses in which we operate.
