In these uncertain times, staying smart about personal health is necessary to fight coronavirus (COVID-19). But we also need to stay smart about cybersecurity. True to form, cybercriminals are doing everything they can to lie, cheat, and steal their way onto your device and into your personally identifiable information (PII). Stealing finances and identities are nothing new for hackers, but what is new is the voracious rate at which they are using COVID-19 as a cover for fraudulent activity.
A recent study by Check Point Research shows a 10x increase in the average number of new, registered domains since the end of this February. It also finds thousands of new websites are popping-up overnight with coronavirus-themed domains, and these are 50% more likely to be malicious. Hackers are capitalizing on COVID-19 virus fears with dramatically increased email phishing attacks, malware-laden attachments, and bogus links to compromised websites. At a time when people are vulnerable to deception, there’s one thing we can be sure of–cybercriminals are working overtime.
Many millions of users are relying on their devices for vital connections to family and friends, shopping, school, work, entertainment, and more. That means an abundance of cybercriminals are ready and waiting to dupe unsuspecting victims with their illegal schemes. Right now, COVID-19 website themes abound, with many promising trusted information to the public, and still others reassuring the purchase of products in high demand. These fake or “spoof” URLs abound, with many of them taking advantage of typo squatting, which happens when a user accidentally misspells a domain name. Below are some of the coronavirus-themed attacks that are currently circling the globe, as well as digital hygiene tips for you and your device.
COVID-19-Themed Attacks
What You Can Do: Digital Hygiene
The cybersecurity landscape is changing rapidly, yet most businesses have the same security posture they had years ago. Today’s threats must be countered with behavior-based tools, in addition to traditional methods.
Harbor Networks helps businesses develop a future-oriented security strategy, rationalizing a security posture with a sensible budget, and creating business cases to support new initiatives.
Typical solutions include:
• Endpoint Protection Platforms (EPP) & Endpoint Detection and Response (EDR)
• Security Information and Event Management (SIEM) & Threat Detection
• Penetration Testing
• Secure Web & Email Gateways
• Zero-Trust
• Data Loss Prevention (DLR) & Cloud Access Security Broker (CASB)
• Firewall & Intrusion Detection Services (IDS) / Intrusion Protection Services (IPS)
• Secure Access Service Edge (SASE)
• Identity and Access Management (IAM)
• Cybersecurity Awareness Training
Businesses today must prepare for a cybersecurity incident. A balance of defensive and offensive measures is required to keep the organization safe and to detect security breaches as soon as they occur.