Top 7 cyber threats during COVID: Are they here to stay?

Published by Benjamin Elveng on

  1. Covid-related phishing
  2. Fake landing pages 
  3. Email fraud from ‘governments’
  4. Exploiting remote workers networks
  5. Attack of collaboration tools (Teams, Zoom etc.)
  6. Ransomware in an already intense situation
  7. Increasing use of machine learning in attacks

During the pandemic the cyber threat landscape changed rapidly, and what is worse the threats got more elaborate and smarter. Companies as well as individuals were under pressure from being in a new setting – the pandemic. We did not know how long it would last or what it meant for the world. Now we know some of the impacts that the pandemic has carried with it a new era in cyber threats. We have gathered a list of how cyber criminals exploited this uncertain time and how they did it. This way, you’ll know what to look out for.

Covid-related phishing

You probably know what phishing is, but covid phishing became the new big thing during the pandemic. Not only did phishing rise with a stacking 220% during the pandemic, but people also received e-mails that took advantage of the situation. These topics often involved covid-related news, which had malware attached to it, and in other cases people were exploited for their passwords/credentials or asked to give donations to what were fake charities in support of corona. TIP: As a rule, check the sender email and be wary of clicking on links. 

Fake landing pages

Another great hit during the pandemic was fake landing pages, which were stealing credentials, credit card information and probably much more. People were deceived by trying to purchase top shelve masks, or vaccines. The vaccines sold online never arrived or if they did, they were saltwater injections, or any case worse. Recently, a new trend has popped up, where people are able to buy fake vaccine cards. TIP: use common sense, something that’s too good to be true, is often a scam. Use sources you know or use rating websites to see how others experience with the site has been.  

Email fraud from “governments”

This is another form of phishing, which was used to collect credential and social security numbers. A fake email from a criminal trying to lure personal data from users, who think it’s from a true source – these ruses were often built around a topic asking you to verify yourself in order to book a vaccine or a tactic along these lines – in this way taking advantage of people’s desperation. TIP: always be critical of emails and if you get an email wanting you to login somewhere, don’t click the link, but go to the source to see if it’s legit.  

Exploiting remote workers networks

Taking advantage of, is where we left off in no. 3, and it’s where we will continue here in no. 4. The work from home (WFH)-situation were quickly taken advantage of, as individuals do not have the same protection at their home office, there are no firewalls, in some cases no malware detection or anti-virus solutions. This left WFH-employees a target for hackers, but also new employees became a target. As newcomers did not know their new workplace thoroughly hackers exploited them by posing as their co-workers. TIP: To secure your employees when working from home, using VPN, and creating security rule goes a long way.  

Attack on collaboration tools (Teams, Zoom etc.)

During the pandemic a need to communicate and being able to host meetings became a big thing, especially via Zoom, which saw a spike in demand almost overnight. The demand for these collaboration tools were so important for individuals and businesses that it probably had hackers thinking: “there must be a way to take advantage of this.”. And of course, there was: Zoom bombing, is a tactic where cyber criminals hijack sessions and purposely make it impossible to communicate during the meeting. But also methods such as registering fake accounts in order to steal personal data has been seen. TIP: You also need to protect your data within collaboration platforms, so remember to backup Teams and other important online data. 

Ransomware in an already intense situation

Ransomware is surely a part of a cyber criminals every day, but when it was used during a pandemic, and while everyone was adapting to a new situation, criminals were using ransomware, which became an extremely dangerous tool as businesses were desperate to regain access and control. Not only was there a rise in ransomware growth, but the ransoms were often a higher amount tooTIP: Get a remote backup, and don’t ever pay a ransom.

Increasing use of machine learning in attacks

As we’ve started a few times many methods of cybercrime have been on the rise during the pandemic, but unfortunately the attacks are getting better and one of the reasons why I machine learning. Machine learning can be used for good, but it can also be used in crime. Machine learning has helped the hackers code adapt to new environments, and especially during phishing attacks, the hacker’s objective is to remain within a system for as long as possible to detect and with machine learning, it has been easier for the crimes to be detected. TIP: security tools, like ReTrust, which are built on machine learning will detect such attacks and codes being injected into your business’ systems. 

Our world is transitioning, we are more online than we have ever been before, and pandemics or other crises are bound to happen again. What can you do? Protect your data and in this way protect yourself. 

Request a demo