COVID-19 creates a ‘perfect storm’ in cybersecurity
71% of security professionals have noticed an increase in security threats or attacks since the beginning of the Coronavirus outbreak, with the leading threat being phishing (55%) followed by malicious websites purporting to offer information or advice about the pandemic (32%). Increases in malware (28%) and ransomware attacks (19%) have also been noticed.
This is according to research by cyber security firm Check Point, in collaboration with Dimensional Research.
The companies have released key findings of their study, according to which 95% of security professionals say they are facing added IT security challenges due to the spread of coronavirus.
The three leading challenges were the provision of secure remote access for employees, mentioned by 56% of respondents; the need for scalable remote access solutions (55%); and employees working from home finding and using untested software, tools and services (47%).
According to research, on average 2600 Coronavirus-related cyber attacks occur each day.
Check Point says the survey results reinforce its recent findings regarding Coronavirus-related domains. These are 50% more likely to be malicious than other domains registered since January 2020, and the average number of new domains registered in the three weeks from the end of February was almost ten times more than the average number found in previous weeks.
“Furthermore, Check Point can confirm that it sees roughly 2600 coronavirus-related cyber attacks per day, on average; with a peak of 5,000 on Mar 28, 2020. Over 30,103 new coronavirus-related domains have been registered in the last 2 weeks alone, where 131 are malicious, and 2,777 are suspicious. Over 51,000 coronavirus-related domains have been registered since the start of the coronavirus pandemic,” the company adds.
Check Point’s researchers have uncovered several ‘coronavirus specials’ advertised by hackers through the dark web, with ‘Covid-19’ or ‘coronavirus’ being used as discount codes for out-of-the-box malware.
According to Check Point, many enterprises rely on Zoom to facilitate their employees working from home.
The company recently saw a spike in the number of “Zoom” domains registered and spotted malicious “Zoom” files targeting people working from home.
Check Point documented 1700 new “Zoom” domains registered since the advent of the pandemic, 25% of which were registered in the past week, and has deemed 70 domains as suspicious.
In January 2020, Check Point published a research report proving that Zoom had a security flaw. The research showed how a hacker could eavesdrop on Zoom calls by generating and guessing random numbers allocated to Zoom conference URLs.
Consequently, Zoom was forced to fix the security breach and change some of its security features, such as mandating that scheduled meetings be automatically protected by a password. The same researchers who conducted the research study published general Zoom Safety Guidelines for folks working from home.
ITWeb published a report quoting a spokesperson from Zoom as saying that users should be aware that links to its platform will only ever have a zoom.us or zoom.com domain name.
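The spokesperson's rule can be turned into a link check for mail or chat filtering. The Python below is an added example, not code from Zoom, Check Point or ITWeb; the sample links are constructed, and treating subdomains of the two domains as legitimate is an assumption.

```python
from urllib.parse import urlsplit

# The two domains named by the Zoom spokesperson quoted above.
ZOOM_DOMAINS = ("zoom.us", "zoom.com")


def link_host(url):
    """Return the lower-cased host of an http(s) URL, or None if unusable."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # strips any user@ prefix and :port suffix
    except ValueError:
        return None
    if parts.scheme not in ("http", "https") or not host:
        return None
    return host.rstrip(".")  # "zoom.us." and "zoom.us" are the same host


def is_zoom_link(url):
    """True only if the host is zoom.us / zoom.com or a subdomain of one."""
    host = link_host(url)
    if host is None:
        return False
    # Assumption: subdomains such as us02web.zoom.us count as legitimate.
    # Matching on "." + domain rejects look-alikes such as notzoom.us.
    return any(host == d or host.endswith("." + d) for d in ZOOM_DOMAINS)


def flag_suspicious(links):
    """Return the links that mention 'zoom' but fail the domain check."""
    return [u for u in links if "zoom" in u.lower() and not is_zoom_link(u)]


# Constructed sample links for illustration only.
SAMPLE_LINKS = [
    "https://us02web.zoom.us/j/1234567890",       # subdomain of zoom.us
    "https://zoom.com/join",                      # exact domain
    "https://zoom.us.meeting-login.example/j/1",  # zoom.us used as a prefix
    "https://zoom.us@login.example/j/1",          # zoom.us in the userinfo part
    "https://notzoom.us/j/1",                     # suffix match without a dot
    "https://zoom-us.example/download",           # look-alike label
]

if __name__ == "__main__":
    for link in flag_suspicious(SAMPLE_LINKS):
        print("suspicious:", link)
```

A substring or plain suffix test would accept several of the constructed look-alikes, which is why the check parses the URL and compares whole host labels.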
Reuters has also reported that Zoom has recruited the services of former Facebook security chief Alex Stamos as an adviser.
According to the report, lockdowns have resulted in an increase in Zoom usage, amid concerns over its lack of end-to-end encryption of meeting sessions, routing of traffic through China and “zoombombing” – the term used to describe when guests gate-crash meetings.
Check Point’s Regional Director for Africa, Pankaj Bhula said: “Cybercriminals will always seek to capitalise on the latest trends to try and boost the success rates of attacks, and the Coronavirus pandemic has created a perfect storm of a global news event together with dramatic changes in working practices and the technologies used by organisations. This has meant a significant increase in the attack surface of many organisations, which is compromising their security postures. To ensure security and business continuity in this rapidly evolving situation, organisations need to protect themselves with a holistic, end-to-end security architecture.”
“This means ensuring accessible and reliable connections between corporate networks and remote devices 24/7, promoting collaboration and productivity between teams, networks and offices, and deploying robust protection against advanced threats and cybercrime techniques at all points on the enterprise network fabric.”