The Cyberattacks Pandemic
What has the COVID-19 pandemic brought about in the field of cybersecurity? The fast adoption of new technology that has defined these past two years led to significant changes in the digital world (things like SaaS adoption, remote working, BYOD diffusion). However, because new technologies produce fresh vulnerabilities that call for fresh protection tactics, cybersecurity hasn’t always been able to keep up with these advances.
The coronavirus epidemic was unanticipated, particularly in the tech industry. New situations call for new answers, and in order to survive, many businesses had to fast change. However, improvisation does not always allow for flawless organisation, necessitating the abandonment of some of the most detailed security procedures to create room for flexibility.
The recent “pandemic” of persistent cybercrimes that have affected some of the biggest businesses in the world appears to be well known to all. In the wake of one of the most significant (and unexpected) technological revolutions of this century, let’s take a look at what has changed, what is occurring, and what the future holds for cybersecurity.
Hospitals being destroyed by ransomware
Most hospitals, clinics, and public health institutions experienced overcrowding with infected patients needing immediate treatment during the quarantine period. The multitude of other diseases that afflict humanity, however, continued to spread despite the health crisis. As “normal” illnesses and diseases have to be prioritised to meet the needs of COVID-19, priorities had to change. The health care systems of entire countries were facing the worst health catastrophe in decades, but doctors, nurses, and other hospital staff were too busy to pay attention to anything else. In 2020, ransomware attacks were to blame for roughly half of all healthcare data breaches.
The overwhelming scenario this produced was quickly exploited by ransomware gangs. Through 2020 and 2021, they ruthlessly persisted in attacking medical facilities at a record rate. Attacks against national health institutions occurred in both the US and Europe. An organised cyberattack even targeted the World Health Organization (WHO). The health care industry as a whole could scarcely afford to be locked out of its IT infrastructures, hence cybercriminals preferred that the ransom be paid as quickly as possible.
Numerous security flaws were discovered, particularly given that many public health facilities use antiquated technology and have no cybersecurity protections in place to fend off attacks or, at the very least, limit damage. Preventive measures were made more difficult by the reluctance to share information about the ransomware attack, the cybersecurity infrastructure, and the frequent lack of backups.
Trying to con the smaller fish
The broad acceptance of remote work was one of the biggest transformations that we all underwent to some extent. During forced lockdowns, what was once a convenient benefit for staff at some of the most adaptable firms became a genuine necessity to ensure at least a minimal level of business continuity.
However, including everyone in the smart-working environment means that even those who are not particularly tech-savvy are exposed to an excessive amount of risks. Especially if they will be handling any sensitive data, it is undoubtedly a great decision to instruct your staff on how to avoid the numerous internet hazards. To effectively train the entire workforce, however, people lacked the resources (time, money, and organisational space) during the quarantine.
In conclusion? Knowing they could easily snag the most gullible employees, cybercriminals stretched their “phishing” poles, and guess what? They caught a huge number of them. To put things in perspective, from January to March 2020, there were more than 500,000 phishing sites, an increase of 350% in just 3 months, from just under 150,000!
But phishing goes well beyond a simple website or two (thousands), and include all kind of messages, using social engineering tactics, that prey on the fears and anxieties generated by the pandemic, such as phone calls, ads, emails, and much more. In Italy, people willfully downloaded a “Corona anti-virus” tool that allegedly protected their devices from (don’t laugh), COVID-19 itself. Needless to say, this software was just a scam that recruited the PC into the BlackNet Rat bot army to be controlled remotely. That would be hilarious, if it wasn’t tragic.
Containing the SaaS Explosion
To enable the user to function in complete security when working remotely, a completely secured tech stack is required. BYOD policies and the use of Software-as-a-Service (SaaS) apps are commonplace, but when time is tight, it can be challenging to put everything in order for a well-planned cybersecurity strategy. Particularly for solving unforeseen problems, filling any gaps, and offering a cheap, simple, and accessible answer to many concerns, SaaS apps have shown to be a wonderfully nimble option. But things quickly got out of hand, with huge SaaS programmes accounting for up to 70% of many firms’ actual software usage.
Unsecured SaaS environments are understandably dangerous for businesses, especially when combined with risky BYOD policies and unskilled remote workers. Unsophisticated and uncontrolled user behaviour can create huge security gaps in a company’s data transmission procedures, and SaaS apps can make everything even worse.
In the SaaS context, when a user shares a sensitive file without adequate security, the same data might migrate across multiple uncontrolled apps, creating a risk that spreads like a ripple in a lake. Except this ripple can reach malicious eyes. And if lack of direct control over one’s own data was not enough, the uncontrolled growth of unsanctioned SaaS apps means facing additional security threats such as lack of transparency from unknown vendors and their inability to keep up with modern cybersecurity standards. In other words: it’s a mess.
The risks of cybercrime are nothing new, but the sheer number of unprepared individuals now entering the digital world has increased the hazard. The widespread sense of dread and confinement brought on by the pandemic and its response measures, such as lockdowns and quarantines, only served to increase the opportunity for less honourable people to take advantage of the situation.
Cybercriminals had a field day with companies that couldn’t keep up with changing laws, technology, customer demands, etc. The cybercriminal community was free to access hitherto unheard-of volumes of data. The world of cybercrime is one of perpetual development. Cybersecurity experts need to be prepared for anything in this world. In that situation, the tools at your disposal just serve to get you going; forecasting what will happen next and being ready for it are what really matter. Keep an eye out for threats and keep your guard up at all times because the battle is far from over!
For More IT Articles Click Here