In the fourth quarter of 2020, McAfee, the device-to-cloud cybersecurity company, reported in their McAfee Threat Report (April 2021) that “COVID-19-themed cyber-attack detections increased by 114%.” The report highlights that the complexity and number of IT security threats continued to evolve during the coronavirus pandemic.
One key additional element has been the rise of remote workers. Wi-Fi networks at home and family laptops with elementary passwords put organisations at heightened risk to fall victim to a cyber-attack.
Free vaccines for all
Phishing is increasingly targeted, and as an example, one key problem has been the availability of vaccines. Criminals are reaching out by email, promising direct and accelerated access to coronavirus vaccines, all the while pushing malware to unsuspecting recipients. Vaccines can also be purchased on the DarkNet, some are real, others are fraudulent.
A key concern has been the vulnerability of home Wi-Fi routers. As criminals actively and systematically are scanning home networks, IT security teams struggle to keep the routers of company employees up to date.
One example that has stood out during the past year, has been Microsoft Remote Desktop. This software has been the source of headaches for many companies, as several cases of malware entering corporate networks have taken advantage of vulnerabilities in this software.
Out-dated systems are a serious cause for concern
Computers and networks are developing all the time. Out-dated systems are another serious cause for concern. A highly publicised case in the media comes from Florida, where an old computer in a water treatment plant was hacked by exploiting the Windows 7 operating system. Adding insult to injury, the computer was ‘protected’ with weak passwords. In this instance, criminals came dangerously close to succeeding in their attempt to poison the local water supply.
What we see as a common shortcoming is that people are simply unaware of the risks, and how to manage them. Working from home, whether you enjoy it or not, brings an added threat level to the equation.
It’s not all doom and gloom
On a positive note, solid planning, alongside proven security practices, coupled with common sense and basic network / computer hygiene will go a long way when it comes to protecting your network.
Below, at If’s Risk Management Day, held in Norway in April, Mikko Peltonen, Head of Digital risks and Cyber at If P&C, highlighted some recommended practices and tips to help prevent, and aim to mitigate the impacts of, an attack on your company network.