COVID-19, and its implications for businesses, has been widely discussed over the past few weeks, particularly when it comes to cyber crime and how bad actors are trying to exploit the pandemic for their own ends.
Ilia Kolochenko, founder & CEO of Web security company ImmuniWeb, answers some of the most frequently asked questions around this topic.
1. How are cyber criminals exploiting people at home?
Kolochenko says it is a convoluted mix of infrastructural unreadiness and overly susceptible human psychology during the spiraling crisis.
“Some cyber criminals exploit uncertainty and aptly forge e-mails or SMSes claiming to be from state authorities, imposing or demanding certain actions, including sharing confidential data or clicking on a malicious link to infect victims with malware.”
Others, he says, merely exploit overall lack of security hardening of home-placed computers and deploy various well-known attacks, ranging from large-scale spear-phishing campaigns to sophisticated BEC (business e-mail compromise) scams targeting C-level executives.
He says all of these vectors are highly efficient. At the same time, breach investigation is hindered by suddenly disorganised IT and security teams trying to adapt themselves to this new reality.
2. Do video conferencing calls make individuals more vulnerable?
While conference calls do not create additional cyber security risk per se, they do expand a wide spectrum of existing attack scenarios, such as sending fake Zoom or WebEx invites, warns Kolochenko.
3. Are employees responsible for their own security?
Kolochenko believes this should remain the responsibility of the employers. In light of the spiraling panic and partial shortage of food and medication in some cities, it would be somewhat unreasonable to shift this burden to already overburdened and stressed staff members, he says.
4. How will ..
Support the originator by clicking the read the rest link below.
