Incident Of The Week: How Hackers Are Taking Advantage of Coronavirus
The coronavirus has upended almost every aspect of daily life. Stress and panic levels of individuals all over the globe have spiked. People are on edge, and hackers use these heightened emotions to their advantage. Now, cyber threats are increasing as COVID-19 continues to cause global panic.
Cyber security affects businesses and organizations of any size. While hackers direct some of their attacks at health organizations, CISOs should be cognizant of cybercriminals' capabilities. From the World Health Organization (WHO) to Italy's INPS, these are the pressing threats that come from the coronavirus crisis.
The WHO Faces Several Attacks
The WHO is the center of information for COVID-19 and all things public health and safety-related. This organization provides citizens around the world with the best health practices and information about how to handle this crisis. With this attention, the organization is also facing significant cyber security threats.
At the beginning of March, hackers attempted to break into the email accounts of WHO staff members. The investigation has been ongoing since then. However, no word has come whether the hack was successful or not. This incident comes on top of the various phishing emails going out to staff members and outside individuals asking for personal information. Experts believe that this attempt came from hackers whose interests align with the Iranian government. However, the Iranian government denied these claims.
Another advanced persistent threat (APT) came from who experts believe is a group called DarkHotel. The hackers attempted to infiltrate the WHO's systems but were ultimately unsuccessful. The CISO at the WHO stated that the organization faced an increase in cyber threats since the pandemic began.
These attempts speak to the larger issue of vulnerability during this time. CISOs must be able to recognize threats early on before they become breaches. Otherwise, like the WHO, you may face increased cyber security issues.
Department of Health and Human Services Breach
On March 15, the Department of Health and Human Services (HHS) faced a security breach. After picking up on the increase in activity, security employees monitored and fought the breach for several hours.
The hackers attempted to overload HHS's servers by spamming the department with millions of requests. While their attempt was unsuccessful, HHS staff believe the cybercriminals had another goal in mind. If the hackers were able to infiltrate the HHS's systems, they could've slowed the department's ability to help in its coronavirus response.
From this incident, CISOs should understand the crucial takeaway. HHS was able to fend off this attack due to its extensive systems and cyber security levels. Since cybercriminals are consistently creating new ways to breach, you must always keep your company's cyber security up-to-date.
Without proper cyber security measures, liability claims may follow suit — upholding the best security practices will help prevent these instances. Just as HHS saw, cybercriminals aren't always attempting to steal or leak information. If CISOs follow HHS's response and improved monitoring, they can fend off attacks in the same manner.
Italy's INPS Information Leak
Cyber-attacks exist everywhere in the world, just as COVID-19 does. Italy has faced similar cyber security issues as other countries. On April 1, a cyberattack sent Italy's INPS website offline after an overload of traffic. Italian citizens flocked to the site for the INPS — the Italian department of welfare and social security — on the night of March 31. The Italian government announced that the website is where citizens could go to apply for their coronavirus relief packages.
Due to an overwhelming amount of traffic that night, the site crashed, allowing for a cyber breach to occur. After the website faced the attack, users noticed that personal data was visible for anyone to see. This information included names, tax codes, addresses and more. The Italian government rebooted the website with a patch, expelling any breach.
Increased use of a website can open new paths for hackers to breach, no matter how secure the site. Unsecure or unencrypted connections and VPNs allow cybercriminals to access private information and leak it. This level of a breach can happen to any organization or business, which is why CISOs must ensure the utmost security for their enterprise.
What CISOs Can Do to Keep Data Safe
As a CISO, you may be facing increased threats or pressure to improve security for your enterprise. These instances are occurring around the world for many companies. Health and government organizations aren't the only entities at risk — many smaller businesses face the same breaches.
To best protect against threats like these, especially as employees work remotely, you'll want to encrypt and secure all devices and connections. If possible, you'll want to have employees use corporate-issued devices, since they are likely already secure.
Changing passwords frequently is a small but powerful step to prevent hacks. Alerting employees of the probability of phishing emails, too, will help protect the company. Similarly, two-factor authentication is a powerful tool to stop cyber criminals. Last, anti-virus or anti-malware software and secure VPNs will help individuals with potential threats since most people are now working from home.
The coronavirus has shifted the way people work and deal with cyber threats. As a CISO, however, you have the power to help your coworkers and your enterprise to have the best protection possible.