By Silviu Stahie on Apr 20, 2020
If you think the COVID-19 epidemic means a respite from cyberattacks against companies, you’d be wrong. If anything, the situation is worse, as organizations divert resources to other parts of the business, leaving their infrastructure exposed. And the proof of that is the flurry of attacks against hospitals.
It’s unhealthy for a company to believe hackers will pass up the opportunity to attack infrastructures or to compromise valuable data. Even if other concerns might seem more important right now, protecting a company’s assets has never been more vital, especially when cybercriminals lack any scruples.
From a security point of view, having most or all employees working from home is a challenge. Once a terminal leaves the protective shell of the corporate infrastructure, it becomes more exposed. Sure enough, all emails still flow through the same filters, but much network security is absent.
People still need to work and, in some situations, they need to use VPN and RDP connections (remote desktop protocol) — not a happy scenario for security teams. RDP is the preferred infiltration vector for ransomware, followed by phishing.
Don’t think you’re out of the woods
Since pretty much everyone in the world is now focused on the global Covid-19 pandemic, it’s easy to lose sight of other aspects. Where feasible, people have started to work from home, but people are usually a weak link in the cyberchain and prone to making bad security decisions.
The global pandemic has proven a useful carrier for phishing, with emails touting messages from officials, selling high-quality protections masks, or promoting so-called advice to people looking for more information.
This is just one scenario: Someone is tricked by a phishing email and either offers a user name and a password for some bogus website or inadvertently installs a piece of malware that starts syphoning data.. Now, with all that information, possibly even legitimate credentials, in the hands of attackers, they can start going after the corporate network. For instance, they could even try dialing in using RDP connections and then easily move inside the corporate network.
Cybercriminals won’t back down just because a global crisis is in the making. If anything, they will attack the more vulnerable industries to capitalize on the urgency of the situation. Healthcare is obviously on the frontlines now.
Just recently, the University Hospital Brno was hit by an unspecified cyberattack, forcing to shut down their IT network. For hospitals, an inability to treat incoming or existing patients in critical condition would be the absolute worst-case scenario, which makes healthcare all that much more valuable than it already was. Now more than ever, it’s essential to have the proper protection in hospitals and all other healthcare-related facilities.
Just because it’s not healthcare, doesn’t mean you’re safe
Right now, the bulk of attacks seem focused on healthcare providers and adjacent verticals, and they involve all sorts of Coronavirus phishing scams. But the masses of people or employees now working from home will soon become a focus for attackers.
Just because the Coronavirus appears to be the only affliction today, it doesn’t mean that all other illnesses and diseases are taking a break. By the same token, just because everyone is watching ransomware and hospitals right now, doesn’t mean that all the other attackers looking to steal databases, infiltrate critical infrastructure, or simply to create mayhem will take a breather.
If cybersecurity wasn’t on many companies’ agendas, especially in a work from home scenario, it’s becoming a growing priority. The challenges of keeping all employees safe, wherever they may be in the world, mustn’t be taken lightly, and measures need to be undertaken before it becomes a real problem.