How COVID-19 and Cybercrime are Connected
Cybercriminals are notoriously opportunistic, and so will not hesitate to work any situation or circumstance that might improve their chances of success. Unfortunately, in their eyes, the COVID-19 pandemic fits the bill just fine.
Think about it—while many people are trying to return to the workplace, the likelihood is that the resurgence of the virus will send many people back to remote work. Most still practice social distancing as much as possible, still making it a wiser choice to work remotely, if the option is there. Don’t get us wrong, this is a great way to keep a business running without exposing people to unnecessary risk of infection. Unfortunately, doing so may help expose your business to cybersecurity risks. Many organizations have experienced the following at a significantly higher rate:
While remote work can bring a lot of benefits to both an organization and its employees, it can increase the chance of a severe human error taking place. With reopening efforts met with a resurgence in infections, remote work may be the safest option for some time.
So, with the distractions of the home, combined with the shared anxieties that many of us are currently feeling, errors are going to be more likely. Unfortunately, these errors can often enable security incidents to take place.
We can look to Public Health Wales—one of the 11 organizations that form the Welsh branch of the National Health Service—as an example. On August 20, the personal information of 18,105 Welsh residents was uploaded to a public database, where it was visible for about 20 hours (and was viewed 56 times during that period).
Phishing and Ransomware
Working remotely also means that communication tools will be used even more frequently than they already were, giving cybercriminals another opportunity to strike using tools like email to their advantage. Cybercriminals have long distributed malware and achieved their other goals by phishing their targets through email. With many people anxious for updates about the coronavirus, as well as the upcoming election, cybercriminals essentially have a playbook of promising keywords to use in their phishing messages.
Credential Hacking and Brute Force Attacks
Even last year, credential theft and brute force attacks were already causing no small amount of trouble for businesses. This year has seen more of the same, especially because many employees are working remotely… away from the office’s defenses and cybersecurity culture.
Healthcare Organizations are Preferred Targets
Sickening as it is to consider, the phenomenon that cybercriminals are increasingly attacking healthcare providers and associated businesses makes a lot of sense. Just consider:
- There’s a lot of personally identifiable data stored by medical providers, including credit card credentials.
- Healthcare organizations are likely to pay a cybercriminal to avoid some of the consequences of a disclosed data breach.
- Obviously, these organizations are also motivated to pay by the pressing need for the data they store to properly care for their patients.
This has also been complicated by the nature of our current shared predicament:
- Telehealth has become more popular, making it more valuable for a hacker to target.
- As breaches have been revealed, healthcare organizations and their data protection policies are under closer examination.
- Patient privacy concerns are being raised as contact tracing applications are developed and deployed. Healthcare providers may find it challenging to get people to use them.
Any situation brings a lot of different factors for a business to consider. In this case, it just so happens to be a pandemic, which unfortunately stresses an already pressure-filled industry. Regardless, Level5 Management is here to help ensure that a business’ IT doesn’t become a concern. To learn more about what we can offer you, give us a call at (561) 509-2077.