Reasonable Response to COVID-19 Related Increase in Cyber Threats

​It is no secret that the Coronavirus pandemic has brought a new wave of cyber risks to internet users. In this article, we briefly look at the increase in cyber risks, the reasons for the surge, and the reasonable response for mitigating those risks.

​The risks
Cyber criminals are taking advantage of COVID-19 pandemic to scam, phish and attack people for financial gains and to the detriment of their victims. Cyber criminals are coming up with fake websites for CORONAVIRUS related information updates and products such as vaccines, testing and protective kits, in attempts to scam and phish their victims. For instance, Google stated recently that its systems detected 18 million malware and phishing Gmail messages per day related to COVID-19, in addition to 240 million COVID-19 related daily spam messages.
The stakes for the integrity, confidentiality, and availability of computing resources and sensitive information have soared as more critical business processes, social and religious interactions have moved in an unprecedented fashion to online platforms.

The cost of falling victim to cyber attack continue to grow. A survey shows that:

• Average ransom payment to cyber criminals increased by 33% in the first quarter of 2020 ($111,605) compared to the last quarter of 2019.
• Ransomware actors are now incorporating data exfiltration into their attacks to compel victims to pay ransom even if they were able to recover data from backups,
• Successful ransomware attack could cause at least an average downtime of 15 days.

 
The reasons
Why are we seeing this heightened wave of cyber threats and attacks? The answer is simple – cyber criminals always exploit crisis situations to take advantage of people’s emotions, curiosity, constraints, and exposures. Would this change? Possibly not, so long as cyber criminals continue to derive benefits from their activities.
Further, the increase in the use of videoconferencing, remote access, and VPN technologies warranted by the pandemic has expanded the surface areas through which cyber criminals could attack internet users.
 
The reasonable response
Unfortunately, there is not much we can do, at least for now, to stop cyber criminals from trying out their skills and tools in attempt to compromise systems and data. However, there are things we can do to reduce the odd of their success. Both individual users and corporate organizations have critical parts to play in this. Here are some important things to do.
 
Organizations should train users, and individual users should get up to speed on their understanding of the inherent risks of using computer on the internet. As a user, you need to understand the security behavior and precautions necessary to mitigate the risk of falling victim of the ever-increasing cyber threats. Such necessary behavior and precautions will include:

• Resisting the temptation or urge to click on links or open attachments in emails (unless you are so sure of and have reconfirmed the identity of the sender. You can read more on avoiding being scammed from the FTC alerts);
• Avoiding download of free or for-purchase COVID-19 related apps and kits from websites that you cannot verify their authenticity;
• Using strong password;
• Not giving out or sharing password;
• Not reusing same password for multiple accounts;
• Not logging into sensitive account via insecure Wi-Fi (unless you are using a good VPN);
• Logging out of accounts, including corporate account, when not in use;
• Enabling multi-factor authentication on personal and corporate accounts, where available;
• Improving the security of personal computers and home network. This will include ensuring secure security settings for home routers, modems, WiFi, PCs, and IoTs; as well as installing anti-virus and current patches on PCs and other devices.

Organizations also need to:

• Better understand and evaluate the current risks to business processes, infrastructure, and data;
• Document security policies, standards, and guidelines to instruct and assist users on secure use of computing resources and sensitive information;
• Implement necessary controls to protect computing resources and data. Important controls will include:
  • Secure configuration on user PCs, corporate VPNs, internal and cloud network devices;
  • Ensuring that user PCs, servers and network devices always have current software updates and patches;
  • Continuous monitoring and review of network traffic for suspicious activities, with appropriate follow up actions;
  • Always maintaining good backups of important data and systems;
  • Establishing incident response plan, policy and procures to deal with security incidents (which may be inevitable unfortunately);
  • Implementing security best practices for developing or acquiring and deploying software, especially web applications. 
  • Performing periodic third-party vulnerability assessment and testing of security controls and practices for protecting information and systems. This should assist in identifying any control gaps which should be promptly remediated.

 
About the author
Michael O Bayere is a certified public accountant (CPA), an auditor, and information security practitioner with over 20 years of combined experience in accounting, financial reporting, taxation, auditing, and information security management in both private and public sectors. In 2016, he founded CAS Assurance, LLC, a CPA firm focused on helping small and medium sized organizations to improve their accounting and financial reporting systems, minimize tax liabilities, achieve operational efficiencies, manage risks, and improve compliance posture to achieve better overall success.
Michael holds two master’s degrees (accounting and information security management) from NOVA southeastern university. He is a certified internal auditor (CIA), certified information systems auditor (CISA), and certified information systems security professional (CISSP). Michael can be reached at 954-362-7113.