Due to employer recommendations or orders from federal, state, and local authorities concerning the current COVID-19 outbreak sweeping the globe, working from home has become increasingly common. And in demanding times, many corporate functions that are deemed non-essential are the first to be reduced. In some organizations, cybersecurity tends to be lumped into the non-essential category. If this resonates with you, remember that cybersecurity and good cybersecurity practices are even more critical now than in times of normal operation, even though cybersecurity-related projects may be put on hold.
When there are global emergencies, or other high-profile news, attempts by scammers to compromise systems or accounts through phishing attacks typically trend upwards.
Every person within an organization has information that is valuable to an attacker. People in a technology-related role may receive phishing attempts about computer issues that appear to come from others within the organization. The sender might claim to be having issues connecting to work systems, or to be seeing random errors, with an image of the error attached. However, these attachments are malicious: they attempt to load keyloggers or other pieces of software, or even attempt to create a remote session to the system. In these instances, the attacker is playing off the employee’s willingness to help others during a time of need.
Employees who are not in a technology-specific role are also targeted. Those targeted attempts might not play off the urgency to help someone but rather target the employee’s curiosity.
A phishing attack may lure the employee in with an email message that says, “Multiple individuals within the organization have tested positive for COVID-19. Please click the following link to follow live updates of all employees who have tested positive.”
While some employees will recognize this as a serious Health Insurance Portability and Accountability Act (HIPAA) violation and know it is not legitimate, others will find the temptation, or even fear, too great to recognize the obvious flaws in the email and will click on the link. And once the link has been clicked and the employee accesses the malicious web page, the attack will have already compromised the system and given the attacker access to any data on their system.
Beyond the increase in phishing attempts, there could also be an increase in active cyberattacks around the world during these times. With fewer people working either from home or in an office, an attacker could use this time to strike an organization. When employees are focused on other tasks, they might skip reviewing logs that could have alerted them to an attack happening on a system. With everyone’s time, effort, and thoughts on items that are deemed more critical to them than cybersecurity, attackers could potentially have much more time and freedom within an organization before they are detected and stopped.
While scenarios like this will not happen to everyone, there is a very real possibility that they will happen to some. In times of crisis—like the one we currently find ourselves in—we may adjust our focus, but we need to make sure we are diligent and mindful of the cybersecurity issues surrounding us. Don’t let distraction lead to vulnerability for your organization.
Brandon Bohle is Manufacturing IT analyst III at Interstates Control Systems, a certified member of the Control System Integrators Association (CSIA). For more information about Interstates Control Systems, visit its profile on the Industrial Automation Exchange.