Cybercriminals exploit Coronavirus and remote working response
Cybercriminals are capitalising on the Covid-19 driven move to work-from-home. Global authorities are urging businesses to be vigilant and do whatever they can to combat this threat. The FBI has issued a public service announcement stating “Scammers are leveraging the COVID-19 pandemic to steal your money, your personal information, or both. Don’t let them.”
In addition to issuing their own warning about the vulnerability of teleworking, the European Union Agency for Law Enforcement Cooperation (Europol) cited the example of a hospital in the Czech Republic that reported a cyberattack which “forced the hospital to shut down its entire IT network, postpone urgent surgical interventions and re-route new acute patients to a nearby hospital.”
Just this week the UK Government sparked security concerns when Prime Minister Boris Johnson (self-isolating having been confirmed to have Covid-19) tweeted a picture of a virtual cabinet meeting, and left the Zoom meeting ID number clearly in view.
The government’s choice of a platform that does not offer end-to-end encryption is bewildering. Thomas Rid, an expert in the risks of information technology in conflict at Johns Hopkins University states "Covid-19 has created - and continues to create - awe-inspiring intelligence-collection opportunities. Zoom would be a big part of that intelligence bonanza." For context, concerns over Zoom’s privacy and security have led Elon Musk’s SpaceX to ban use of the app, and only yesterday Zoom’s CEO Eric Yuan apologised to users, saying there would be a "shifting all engineering resources" to focus on security and privacy.
How representative of the wider threat level is this? SentinelOne, an artificial intelligence endpoint security platform, has released data showing a nearly 400% increase in attempted attacks from February 23 to March 16 compared with the start of that period. To give further weight to these concerns, research by cybersecurity firm Check Point shows that of the 4,000 COVID-19 related domains that have been registered this year, at least 320 are thought to be malicious or suspicious, and many are likely fronts for cybercrime. In addition, according to cybersecurity firm Reason Security, “Coronavirus map” software that appears to track the global pandemic is in fact hiding the malicious, password-stealing malware AZORult.
The reality is that these vulnerabilities are not new, they are simply magnified by the current situation. In research published last year by data storage manufacturers Apricorn, 95% of UK organizations have experienced cybersecurity issues related to remote working. Furthermore, they revealed that 50% of IT decision-makers asked were unable to guarantee that their data was adequately secured when being used by remote workers. Extensive primary research from security company Absolute, analysing more than six million enterprise devices over a one-year period, showed that 42% of all endpoints are unprotected at any given time.
Of course, using the wrong tools, including the likes of Zoom and WhatsApp, can actively increase this risk. As Elliott Thompson, principal cybersecurity consultant at SureCloud points out “Companies quickly adopting consumer-grade video conferencing can make it easy for an attacker to pretend to be a member of staff.” It has even been revealed that in a coronavirus-related tech U-turn, the British Army has told soldiers that commands issued over WhatsApp are now legally binding. Only a year ago Army Sergeant Major Gavin Paton (the Army's most senior sergeant major) stated that WhatsApp was not appropriate way to issue orders.
Even the right tools can be used in the wrong way; VPNS designed to be used by small subgroups of employees are struggling to cope as the majority of the workforce attempts to log in and work from home. Daryl Plummer, vice president, analyst and Gartner Fellow:
“Many companies use VPNs dependent on traffic over the public Internet, an unreliable transport which can develop problems as connections are made from different parts of the world. This translates into slowdowns and reduced quality of service overall.” In this way, what starts out as good company policy and common sense becomes problematic in terms of performance and security. Just yesterday Microsoft issued a “first of its kind notification” to several dozen hospitals, warning of the vulnerability of their gateway and VPN appliances to ransomware groups actively scanning for exposed endpoints.
This extended period of teleworking has dramatically increased dependency on digital infrastructure, making digital the default mode of communication. In tandem with this it has raised the cost of failure. According to Algirde Pipikaite, project lead of Governance and Policy at the World Economic Forum, “In today’s unprecedented context, a cyberattack that deprives organizations or families of access to their devices, data or the internet could be devastating and even deadly.”
If governments and armies are resorting to non-secure and un-encrypted messaging platforms out of a mistaken sense of ease, what are your own employees using right now? Against this backdrop, it is essential that organizations take any and all actions to protect themselves, their employees, their customers and their reputations. That will mean enterprise ready tools with certified assurance such as Cellcrypt.
Cellcrypt offers the highest level of end-to-end, certified encryption for voice, messaging, conference calling and attachments. It also integrates with existing IT infrastructure, with mobile and desktop clients, and offers optional add-ons ranging from regulatory compliance auditing to private stacks that provide full management control and secure gateways for PBX extensions.
We are also proud to be supporting businesses affected by the coronavirus, with unparalleled discounts on licenses and full enterprise solutions through our Home Working QuickStart offer. Businesses needing to transition to telework will be able to employ Cellcrypt rapidly to lessen the strain, costs, and vulnerabilities during this emergency. Cellcrypt is enterprise-ready, providing secure end-to-end encryption across existing hardware and we only provide to verified commercial and government enterprises to ensure the tool is only placed in the right hands. Please visit our specially set up page for more information, and to learn more about how Cellcrypt is contributing our military-grade business solutions during this public health crisis.