The ongoing global pandemic has affected nearly all aspects of life as we know it. One area you may not have considered is corporate security. The landscape of data breaches has transformed since the onset of COVID-19. With little hope for a proven vaccine soon, organizations will probably have to deal with these consequences for a while.
A coalescence of factors
COVID-19 has proven to be a perfect storm regarding cybersecurity issues. Many variables have contributed to this.
First, furloughs, layoffs, and sick leave have reduced the human capital organizations have at their disposal. IT departments have not been spared from the chopping block, either[1]. The decrease in cybersecurity professionals combined with the dip in overall revenues for the majority of companies means resources are limited. Prevention systems are weakened, or at least not fortified, providing ample opportunities for malicious agents to prod and pry.
Another important element is the rise of the remote workforce. COVID-19 has accelerated the transition of employees from the office to the home. According to a recent survey by PWC, the percentage of executives who claim that most of their office staff work remotely at least one day per week rose from 39% before the pandemic to 77% after[2]. New security measures may have to be implemented to deal with a flux of new devices, weak remote access policies, and VPN configurations. This is a massive undertaking and further taxes already-strained IT departments.
Finally, general stress and anxiety levels for employees are high. Not only do they have to worry about protecting themselves from a potentially deadly virus, but there is also great economic uncertainty. People aren’t sure whether they’ll have their jobs a month down the line. This may have the unintended effect of making them less focused on maintaining proper cybersecurity protocols.
Data breach trends during COVID-19
Trends have emerged from this strange, new environment.
Perhaps the most insidious is the prevalence of COVID-19-related phishing attacks. Hackers prey on the fears and concerns of everyday people to gain access to networks. According to research from Verizon, people were 30% more likely to click a suspicious link if it was related to the pandemic[3]. Some organizations fared especially bad, with employee click rates ranging between 30-60%. Knowing this, it’s no wonder coronavirus-based spear-phishing attacks have risen in number[4]. Bad actors are utilizing more effective techniques more often.
Another trend is an overall increase in user error. People are adapting to new working conditions and dealing with digital transformation technology they may not be familiar with, all while in the midst of a global health crisis unparalleled in recent times.
Common examples of user error include the misconfiguration of security software, accidental delivery of sensitive documents to unauthorized recipients, or mistakes with file permissions.
Attacks on unsecured remote desktop protocol machines have also spiked since the start of the pandemic[5]. Hackers have more targets now that so many people are working from home on remote desktop software. They use simple brute-force attacks to take over a system. Then, they can install any variety of ransomware, cryptocurrency mining programs, or secret backdoors.
Similarly, Virtual Private Networks (VPNs) are also being targeted[6]. While sometimes mistaken as remote desktops, they are quite different. A VPN creates an encrypted private network on top of a larger network. Remote desktops just allow users to gain access to their computers from a different location. Remote desktops give the user access to the entire computer while VPNs restrict access to the shared folders on a given network.
This, plus the standard encryption make VPNs more secure, generally. It doesn’t mean that VPNs are cannot be hacked, however. A common trend right now is malicious agents using Distributed Denial-of-Service (DDoS) attacks to overwhelm VPN systems, leaving them vulnerable to breaches.
A DDoS attack is when a hacker gains control of a large number of online computers, then uses them to steer traffic to a specific network. The sudden increase in traffic overloads the networks and causes them to crash.
Cloud-based software is being attacked more often as well. Collaborative tools such as Zoom and Slack have seen significant growth in users and therefore, more attention from cyber-thieves. Up to 1350% more attention, depending on the industry[7].
Popular cloud software is usually developed by large corporations you’d assume would be committed to tight security. The truth is, even if the developer devotes considerable resources to security, vulnerabilities remain. For example, large exploits were found in the Microsoft Azure platform that could have allowed threat actors to gain access to other users’ data[8].
Effects on the healthcare industry
Healthcare providers throughout the world have had a rough year. They are on the frontlines in the fight against COVID-19 and have had their capacities tested. You would hope that they would be able to focus most of their attention on that monumental task, but also, they have had to deal with cybersecurity threats.
For example, in June alone, there were 37 confirmed cases of IT-related data breaches in the healthcare sector[9]. Over a million healthcare records were compromised. These attacks are quite common but pose even larger risks during a pandemic.
Imagine if a busy hospital were to undergo a major hack that left important systems or health records inaccessible. This could have disastrous consequences, especially if the area was in the middle of a spike in virus cases. It could lower the hospital’s capability for patient care, or at least divert important resources.
How can companies be more prepared?
It’s impossible to be completely protected from cyber-attacks, but there are ways to mitigate risk.
The first thing to understand is that you’re only as protected as your weakest link. You may need to do a thorough audit of your network and address the troublesome areas. Perhaps your system is rock solid, but if you have suppliers or outside vendors that have access to the system, you still have potential attack points.
You also need to invest in employee education on best practices. Inform them about the stakes of a breach. Train them on common phishing techniques and proper communication protocol. It needs to be made a priority throughout the entire organization if you want to be as protected as possible.
Ensure your IT department has the resources required to mount a worthy defense. Look into new, exciting security technologies that utilize artificial intelligence and blockchain. AI can act as a constant presence, safeguarding your network and quickly informing administrators about attacks. Blockchain solutions can encrypt sensitive data and protect your file systems from being altered.
Securing data at rest and in motion
It’s disappointing that opportunistic hackers are taking advantage of a fragile moment in time, but not surprising. These malicious agents aren’t interested in doing the right thing. They’re only interested in stealing money and information. Hopefully, through a combination of preventative and mitigating techniques, you can keep your most sensitive data safe.
Axel is dedicated to data security. Our platform, Axel Go, uses blockchain encryption to provide the safest file sharing experience available. If you value privacy and security, download Axel Go today for free and get the peace of mind you need.
[1] Galen Gruman, “COVID-related U.S. IT job losses tick up as spike in cases creates uncertainty”, COMPUTERWORLD, Jul. 6 2020, https://www.computerworld.com/article/3542681/covid-related-us-it-job-losses-tick-up-as-spike-in-cases-creates-uncertainty.html
[2] “When everyone can work from home, what’s the office for?”, pwc, Jun. 25 2020, https://www.pwc.com/us/en/library/covid-19/us-remote-work-survey.html
[3] “Analyzing the COVID-19 data breach landscape”, Verizon, Aug. 2020, https://enterprise.verizon.com/resources/articles/analyzing-covid-19-data-breach-landscape/
[4] Fleming Shi, “Threat Spotlight: Coronavirus-Related Phishing”, Barracuda, Mar. 26 2020, https://blog.barracuda.com/2020/03/26/threat-spotlight-coronavirus-related-phishing/
[5] Ondrej Kubovic, “Remote access at risk: Pandemic pulls more cyber-crooks into the brute-forcing game”, We Live Security, Jun. 29 2020, https://www.welivesecurity.com/2020/06/29/remote-access-risk-pandemic-cybercrooks-bruteforcing-game/
[6] Sue Poremba, “Increase in Small DDoS Attacks Could Take Down VPNs”, Security Boulevard, Apr. 7 2020, https://securityboulevard.com/2020/04/increase-in-small-ddos-attacks-could-take-down-vpns/
[7] Lucian Constantin, “Use of cloud collaboration tools surges and so do attacks”, CSO, May 26 2020, https://www.csoonline.com/article/3545775/use-of-cloud-collaboration-tools-surges-and-so-do-the-attacks-report-shows.html
[8] Ronen Shustin, “Remote Cloud Execution – Critical Vulnerabilities in Azure Cloud Infrastructure”, Check Point Research, Jan. 30 2020, https://research.checkpoint.com/2020/remote-cloud-execution-critical-vulnerabilities-in-azure-cloud-infrastructure-part-i/
[9] Steve Alder, “June 2020 Healthcare Data Breach Report” HIPAA Journal, Jul. 24 2020, https://www.hipaajournal.com/june-2020-healthcare-data-breach-report/