Now that many people are working from home due to the coronavirus disease (COVID-19), businesses are facing unprecedented cybersecurity challenges. Unfortunately, among many challenges, hackers are poised to capitalize on the crisis by attacking with viruses of their own. Thousands of COVID-19-related websites are being launched by cyber criminals. Tragically, COVID-19-themed domain registrations are 50% more likely to be from malicious actors.
Most of these sites include phishing scams that exploit both consumers and workers who simply want to stay up to date on what’s going on. Directing traffic to these fraudulent sites are malicious email campaigns that use phishing and even social engineering tactics to incent action on the part of the user.
Ransomware is on the rise as well. Recently, a tracking app called “COVID19 Tracker” masked itself as a coronavirus outbreak map tracker. It was really ransomware that could lock down a phone and demand the payment of $100 within 48 hours.
This explosion of threats has caught the attention of the FBI, which issued warnings of an increase in fraudulent crimes related to the coronavirus. Cyber crimes include fake CDC emails, phishing emails related to stimulus checks, and the promotion of fake COVID-19 treatments and/or products like respirator masks, goggles, and protective gowns.
While there is an abundance of information online about COVID-19, users working from home should be careful about clicking on fraudulent sites and links. The latest up-to-date information about COVID-19 can be found at www.cdc.gov and www.coronavirus.gov.
With tens of millions of workers now doing work outside the enterprise network perimeter, businesses face the risk of their internal data being attacked. The surge of videoconferencing, remote access, and VPN services in the home are greatly expanding the attack surface that hackers can exploit and gain entrance into a network...