In this digital age, when all of us rely on the Internet for just about anything, there has never been a better way to strengthen cybersecurity.
Digital attacks are exponentially increasing. According to Cybersecurity Ventures, international cybercrime costs may amount to USD$6 trillion by 2021. In addition, a recent report was done by PurpleSec, the US government's cybersecurity services have revealed that cybercrimes shot up to 600% worldwide.
From identity theft, financial pilferage, power outages to glitches in military equipment and security secrets, cyberattacks can impact us in so many ways. That being said, organizations and individuals don't need to be told about the importance of robust cybersecurity.
The COVID-19 pandemic has completely changed the way we live and do things. It has made us more reliant on digital transactions more than ever.
This brings us to a rather important question: How has COVID-19 affected cybersecurity?
Increasing Cyberattacks on the Medical Sector
An article published in International Journal for Quality in Health Care in September 2020 mentioned that shortly after the pandemic, the International Criminal Police Organization (INTERPOL) issued a report warning of a global increase of COVID-19-related cyberattacks targeting both individuals and organizations.
Users notified having received phishing emails pretending to be coming from representatives of the Centers for Disease Control and Prevention (CDC) and the World Health Organization (WHO), feeding the public's widespread fear of the pandemic. By clicking on the link or opening an attachment, the cybercriminal gains access to the user's sensitive information.
While the earlier report named WHO as the 'perpetrator' of phishing attacks, in reality, the world's premier health organization is the real victim. The organization said it noticed an increased number of cyberattacks on its staff. Luckily, the attempt was not successful, being that the access was directed at the organization's old system.
According to IBM, cybersecurity breaches in the healthcare sector amid the pandemic cost a whopping USD$7.13 million, the highest across all industries.
Elsewhere and prior to the pandemic, healthcare entities have fallen victims to a ransomware attack, which saw a 350% increase in 2019. As a result of these cyberattacks, the healthcare services of various medical facilities were disrupted.
The Surge in Work-from-Home and Learn-from-Home Arrangements
Because of the lockdowns and requests to reduce in-office workforce reporting, most of the employees have shifted to working from home. Even schoolchildren are learning from home these days. As almost all of us are required to use the Internet on a daily basis, a surge in cyberattacks has been reported, too.
According to telecommunications giant Verizon, web application breaches account for 43% of all digital-based breaches and have increased two-fold since 2019. Additionally, IBM has reported that remote work has increased the average cost of a data breach by USD$137,000.
In these times where cybersecurity threats have been increasing and becoming more sophisticated, organizations and individuals should put cybersecurity at the forefront. Enterprises should include software security testing as part of their priorities to develop a more resilient information technology infrastructure.
Internet Banking and Attacks on Financial Institutions
There are a host of benefits that Internet banking provides, especially in this pandemic period. By downloading the bank application or accessing the institution's secure website, a depositor can easily monitor balances, view transactions, make payments, as well as update personal information. As everything is done online, this service has become a milking cow for cybercriminals.
Movement restrictions resulting from the COVID-19 pandemic have also made the process more essential these days. Alongside the comfort of the Internet, banking is the increased vulnerability to cyberattacks. Phishing emails are sent regularly and at random to individual and corporate clients of financial institutions. Fraudsters are mimicking the email address of the bank to solicit financial support for COVID-19 initiatives but asking for financial information in the process.
The Security and Exchange Commission's Office of Compliance Inspections and Examinations (OCIE) on July 10, 2020, has reported that hackers have launched large-scale cyberattacks to hack into the systems of financial institution networks. During the pandemic, reports indicate that the financial sector is one of the industries most affected by cyber threats, second only to the healthcare sector.
Cyberattacks have long been targeting financial institutions, and it has been a persistent problem even before the pandemic.
Delays in Cyberattack Detection and Response
Because cybersecurity experts are affected by the changes in work settings and are subjected to work-from-home arrangements themselves, the response mechanism for cybersecurity concerns is involved, too.
In fact, the IT leading company IBM estimates that cyber breaches have taken an average of 280 days or about nine months to identify and control since the pandemic. These cybersecurity breaches cost companies an average of USD$3.86 million.
To help avoid paying these hefty costs, organizations should continue to update their cybersecurity by regularly upgrading software and installing security patches. These updates and patches are essential for cybersecurity enhancements, being that these software updates can protect your system from new and more sophisticated means of hacking and cyberattacks.
Unless the business has set up its team to work on these upgrades, even with the absence of their IT team, they're in good hands.
Hackers are exploiting these altered working arrangements to look for potential targets on a daily basis, whether individual users or large businesses. In addition, companies may hire an external consultant or outsource a software company to support them in these types of emergencies.
A Heavy Toll on Cybersecurity Staff
The notable increase in cyberattacks at all fronts has negatively impacted cybersecurity professionals and their organizations. These IT experts have reportedly shifted their priorities and activities.
Palo Alto Networks discovered that some 1,767 high-risk COVID-19-related domain names are created on a daily basis. Meanwhile, some 471 fraudulent e-commerce shops selling fake COVID-19 items were dismantled in the United Kingdom.
In addition, these software developers have admitted that the work-from-home setup has reduced the team's capacity to enhance business applications. Overall, the heavy workload has exponentially increased their stress levels in the workplace.
Potentially Increasing Number of Cyber-Criminals
Massive lay-offs due to company shutdowns have left a high number of persons unemployed. With limited means to find work, software programmers may have been getting busy by attempting to use the Internet to deceive and coax people into providing their financial information like credit card and bank account details via phishing.
This assumption may not be completely wrong, as Cybernews reported that from March to May 2020, when the pandemic was at its peak, searches about hacking and cybercrimes skyrocketed. Additionally, visits to hacker websites and forums shot up by 66% during the same period.
Conclusion
The pandemic's aftermath, both negative and positive, continues to impact us to this day. On the one hand, it helps heaps in allowing most of us to adjust to the new normal. On the other, it provides cyber fraudsters with vast opportunities to continue doing what they do best, which is to divest unsuspecting users of their valuable information and assets.
Walter Guevara is a software engineer, startup founder and currently teaches programming for a coding bootcamp. He is currently building things that don't yet exist.