Covid-19: A Cybercrime Perfect Storm … Data Exploitation Dream

Sam Field - Our Enterprise Solutions Product Manager discusses how the global pandemic and restrictions on movement have led to an increased dependency on digital services for both businesses and consumers, and to a large extent, pretty much everyone has had to adapt to new ways of working.

Enforced lockdown has seen a massive rise in the use of collaboration services, and workforce transformations have taken place before our very eyes. Digital communications in whatever format have massively increased the amount of business data in circulation.

Cybercriminals quickly identified dispersed working as a major opportunity, and have responded with pandemic themed scams and attacks to steal information and data.

Whilst cyberattacks on individuals are very upsetting, they are generally easier to spot and deal with. A ‘take no action’ approach to any form of contact outside the norm is the key learning point on a personal level, and nobody can claim to be so smart they are not vulnerable.

The workplace however is a much more complex environment with hierarchical relationships, managerial directives and business systems that aren’t always the simplest to operate.

There’s a greater scope for cybercrime in organisations with operational complexity, and the value of data and information that can be stolen or extorted tends to be higher.

Furthermore, it isn’t just criminals who are interested in business data. There are many business information platforms and other data centric organisations who are benefitting from the wealth of information flowing around the digital economy. And for many island organisations, protecting intellectual property (IP) from cybercriminals and other interested parties is vital.    

The arms race between data protection, criminals and legal data hunters is here for the long-haul as organisations strive to protect their businesses, customers, revenues and reputation.

The focus still remains on cybercrime though, and the five overriding threats that are targeting hybrid working environments are:

Email Phishing
Defined as the fraudulent attempt to obtain sensitive information or data, such as usernames, passwords and credit card details, by disguising oneself as a trustworthy entity. Covid phishing activity often impersonates government and health authorities to deceive users into sharing confidential information such as payment and account credentials.

When hackers break into corporate networks, they often take their time monitoring emails and activity, to maximise the impact of their attack. Criminals then mimic existing accounts and send emails instructing people to take action … do this, click here, update that, … all in an attempt to obtain the information and the access to funds they are looking for. 

SMS Phishing
Also known as ‘Smishing’, is text messaging fraud that tries to lure victims into taking action. Clicking on links in texts can activate the downloading of malware that will reveal and extract sensitive account information. The increased use of smartphones for so much business activity exposes organisations to an extended perimeter, through a non-PC based zone of extended vulnerability.

Fraudulent Domains
Or domain spoofing, is also associated with phishing. Attackers use a ‘bogus domains’ to impersonate a company or its employees. This can be done by sending emails with false domain names which appear legitimate, or by setting up websites with slightly altered characters that look authentic, and asking you to take action that will compromise your security.

Counterfeit Apps
A counterfeit app is an app that claims to do something, but is actually fake, ineffective, or harmful to a user's device and information. They have been found on legitimate app stores including Apple and Google Play, where they have not yet been detected or reported. They aim to defraud users by offering fake functionality, and stealing data.

Malware
Malware is software that has been intentionally designed to cause damage or harm to a computer, server, client, or computer network - often for the purposes of extorting money. A wide variety of malware exist, including viruses, worms, trojan horses, ransomware, spyware, adware, rogue software, wiper and scareware. Malware exists for a number of reasons: such as causing malicious damage, and stealing financial details and sensitive information. Ransomware is a form of malware where attacks are designed to block access or take down sites until a sum of money is paid. 

Clear and Present Danger
The average cost of a business cyberattack is estimated to be £3million, and around half of the cyberattacks involve email phishing, a figure that’s 20% higher than the global average.

We partner with Mimecast, a ‘Gartner Magic Quadrant’ global cyber security leader, to provide a unique range of on and off-shore services. Cloud based, layered security provides advanced safeguarding and business continuity, protecting email and messaging services, along with access to your securely archived information.