How did the quarantine affect cybersecurity?
Quarantine has exposed numerous flaws in many countries affected by the virus, ranging from how they reacted to Covid-19 crisis, were they economically prepared, and how fast they adapted to changes.
However, one overlooked issue is cybersecurity. Businesses before the Covid-19 crisis were already behind – with regulations like GDPR (General Data Protection Regulation) and CCPA (California Consumer Privacy Act) corporate sphere got a push to implement security measurements or deal with the consequences.
When the quarantine hit and a significant part of the workforce relocated to home environments, the problem of business data security became paramount. It came to light that personal home networks aren’t adequately secured; passwords that need to be complex and unique, are generic and reusable instead.
This gave way to a few troubling tendencies that are used to target unsuspecting victims and extract valuable data. The first one is Phishing campaigns.
Phishing cyber attacks are on the rise
Phishing is a fraudulent attempt to steal sensitive data while disguised as a trustworthy third party. The most common attack trajectory is carried out via mass emails asking to provide banking information, and these emails are spoofed to look like coming straight from the bank.
Back in the days, Vishing was more popular, with fraudsters calling victims by the phone to make their request. However, with so many financial transactions done online, cybercriminals shifted their focus to the digital sphere and developed effective techniques to trick people into giving away crucial data.
When it comes to Covid-19, Phishing attempts have increased threefold, and cybercriminals are successfully exploiting the crisis. According to Eric Cole, a professional hacker that worked for CIA:
“[Hackers] are sending out a 300% increase in phishing emails about COVID-19 because they know that people are so petrified. In our analysis over the last three weeks, 71% of all emails that you receive that say COVID-19 or corona are actually malware or attacks. Less than 30% are legitimate. So you need to be so careful.”
Even though it’s crucial, it’s hard to resist opening such emails. After all, these might be important news concerning health, and people are naturally worried. Cybercriminals are well aware of that and try to use this fear to infect devices with malware that could later be used to carry out more severe attacks.
Home network security
Employees working in the corporate IT sector always benefit from some security protocols established in their workplace. There’s a sophisticated Firewall to filter incoming and outgoing traffic and identify potential dangers. Servers and routers are constantly looked after by cybersecurity personnel, and attacking a corporate network is always a tough nut to crack.
It changed significantly when people started working from home. Instead of having to deal with numerous defence mechanisms, cybercriminals can simply target an unsecured home network via which employee is exchanging business data.
There are several ways to attack a home network. The above mentioned Phishing is just one of them. Wi-Fi networks with weak passwords (or not secured with any passwords at all) can be an entry point to start sniffing out information or even distribute malware.
A lot of people also aren’t aware that Routers have passwords as well. For most of us, it’s the password that the router manufacturer has issued, but that doesn’t mean that password is a strong and complex one. Furthermore, there were incidents when manufacturer-issued router passwords had leaked online. And if they leaked, then definitely there was someone who thought he or she could use it.
VPNs are growing in popularity
Directly related to home network security are Virtual Private Networks. This software became popularized due to its ability to bypass geographical restrictions and ensure online privacy. However, the first VPNs were developed for the safety of remote business communication.
The way a VPN works is that it establishes a secure encrypted tunnel between the user’s device and one of its servers. Then the entire data flow is rerouted through that server, which encrypts it and sends to the target destination. This way, anyone who would try to spy on online communication would hit the security wall, which is there thanks to virtually unbreakable encryption.
According to data gathered by Cnet, “demand for VPNs increased by 44% over the second half of March and remains 22% higher than pre-pandemic levels.” And that is a good thing. People are getting used to cybersecurity software, which will become unavoidable in the near future.
Businesses were fast to acquire batches of VPN service accounts for their employees, which can feel safe knowing their Internet access is secured with professional software.
As with many crises, they do reveal underlying problems, and Covid-19 revealed that cybersecurity practices are somewhat behind the desired state. Hopefully, this will drive more companies to invest in online safety software and train their users to use it, preventing severe harm from happening.