Cyber threats are always present, but the COVID-19 pandemic has ushered in a new era of cybercrime, increasing risks to employers and organizations.
Scammers Use COVID-19 as Phishing Bait
Phishing scams, using emails to capture personal data or financial information, are nothing new. But COVID-19 has given cybercriminals a shiny new lure to bait unsuspecting victims, by masquerading as:
- Suppliers of masks, ventilators, and other medical supplies, or in-demand commodities like hand sanitizers.
- Economic loans/ government assistance
- Video conferencing platforms
- Tech support and IT service providers
- Critical updates for software solutions or social media platforms
Hackers Hiding Malware in Contract Tracing Apps
The idea behind mobile contact-tracing apps is to track whom each user has been in proximity to and then alert all affected users if one confirms positive for infection. Some contact-tracing apps are also designed to warn users when an infected person is nearby to prevent possible infection.
Unfortunately, cybercriminals are already deploying new strains of ransomware in contact-tracing apps.
Twelve apps posing as official government contact-tracing apps in Italy, Singapore, and trigger malicious software capable of collecting a range of user data from Android devices, a threat intelligence firm found.
In Canada, hackers jumped on an announcement of a government contact-tracing app, creating a fake version that infects mobile ransomware into Android devices.
Remote Work Brings New Risks for Employers
Remote work seems like an easy answer to protecting the workforce, allowing for employees to safely distance themselves at home while still getting the job done. But deploying a remote workforce has brought its own challenges, not the least of which is cybersecurity.
According to research by IBM, remote work has been a new experience for 80% of survey respondents who had rarely (or never) worked from home prior to COVID-19.
Half of the 2,000 respondents said they were working with no new security policies to help guide them. Remote workers also expressed concern about security threats arising from working from home.
Like in the case of customer service agents who previously worked out of call centers, but are now managing sensitive customer data at home, many business operations have quickly transitioned to new, potentially less secure territory.
Over half of remote workers reported using their personal laptops for work, while 61% said their employers had not provided tools to secure the devices properly. Many remote workers were also deployed without new guidelines on how to handle sensitive or highly regulated data while working from home.
Want to protect your business? Discover 7 ways employers can prevent cyber risks from a remote workforce.
COVID-19 is far from over, and increases in new cases have led to many states and counties to double down on remote work, virtual classrooms and meetings, and increase efforts to bring contract-tracing apps to the masses. Which means these new cyber threats will continue to be a risk for employers, business owners, and employees for the foreseeable future.