Alert for Cyber Risk and COVID-19

Alert for Cyber Risk and COVID-19 - featured image
16 March 2020

Be wary of emails, instant messages, and links related to COVID-19. Cyber criminals are leveraging this topic. Do not click on that garbage unless you know it is coming from a legitimate source!

Typically, cyber criminals leverage a hot news topic (like COVID-19), target a susceptible audience (like people who are worried about COVID-19), and let loose with multiple, massive campaigns. What this means for you is that you should expect emails, social media messages, phone calls, and texts with malicious content related to COVID-19. Please be very careful about opening those messages, clicking on links, answering these calls, or downloading attachments. Criminals will pose as your friends, your HR department, the CDC, etc.

From a cyber risk perspective, this means that the threat landscape is shifting dramatically. There is a wave of new teleworkers hitting internet infrastructure. Cyber criminals will actively look for ways to take advantage of these teleworkers in order to gain access to otherwise secure company networks. In addition, industry sectors which are disproportionately hit by COVID-19 will become softer targets for cyber criminals.

On the flip side I can assure you that the cybersecurity industry is actively working this problem. It is at the forefront of our concerns. Unfortunately, we are playing a numbers game. While cyber defenders may be able to block 99.99% of all the cyber crime campaigns related to COVID-19, the 0.01% that get through are still going to land on your laptops or smartphones. In other words, despite very impressive work by cyber defenders, there will be companies where the cyber criminals succeed. I suspect many of those “successes” will occur within industry sectors which are getting disproportionately hit by COVID-19.

As someone who works within a team that builds and evaluates cyber risk models, I am actively monitoring the industry sectors which are getting disproportionately hit by COVID-19: the Health Care, Financial, Government, Transportation, and Telecommunications sectors to name a few. Risk models, time series analysis, massive data sets, and hard core mathematics are the tools of our trade. Cyber criminals are the targets.

Ironically, I will now provide you with a COVID-19 related link. My colleague Frank Smith wrote a short blog article about working from home and increases in cyber risk.

The Latest

Prevailion CEO, Karim Hijazi – Cheddar News- FCC commissioner calls on Apple and Google to ban TikTok app

A member of the FCC renewed urgency calls on Apple and Google to remove TikTok from their app stores, raising concerns that TikTok’s Chinese-based parent company is collecting user data that is being accessed in China.

IRONSCALES Cyber Security Heroes: The New Cyber Era Post Ukraine Invasion

What Wicked Webs We Un-weave

What Wicked Webs We Un-weave: Wizard Spider once again proving it isn’t you, it isn’t me; we search for things that you can’t see Authored by: Matt Stafford and Sherman Smith Executive summary: In late January 2022, Prevailion’s Adversarial Counterintelligence Team (PACT) identified extensive phishing activity designed to harvest credentials for Naver. Naver is a […]

Copyright 2023 Prevailion, Inc. All rights reserved.    

Disclaimer: Gartner “Cool Vendors in Security Operations and Threat Intelligence,” Mitchell Schneider, Ruggero Contu, John Watts, Craig Lawson, October 13, 2020. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner Disclaimer: The GARTNER COOL VENDOR badge is a trademark and service mark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.