There is no doubt that we are all doing our best to navigate these uncharted and often murky waters during this global crisis. Businesses, to protect their workers and by government mandate, have allowed employees to work from home. The move towards working remotely coupled with the fact that cyber attackers have become very good at exploiting local and global vulnerabilities in times of crisis have given rise to various new cyber-attacks. Review the information from Insurance Business America and please reach out with any cyber concerns that you have. We are here to answer your questions on whether cyber liability is right for your business.
Security and tech experts have warned that hackers are now resorting to emails and apps claiming to provide information on the COVID-19 outbreak to fool victims into installing malware on their devices.
According to information security provider ZScaler, hackers have been preying on people’s fears of the coronavirus by creating apps with features too good to be true. One such fake app claims to notify users as soon as anyone infected with the virus is nearby. The app actually locks the victim’s phone and demands for a ransom to lift the encryption.
“There are also apps that tell you where you can go and buy an N-95 mask. These are all hoaxes – the moment a user downloads such an app it will corrupt your smartphone or laptop and may ask for a ransom to unlock it,” Sudip Banerjee, the director of transformation strategy in Asia-Pacific and Japan at ZScaler, told ETtech.
Another security company, Lookout, found that another application is essentially a copy of the legitimate coronavirus tracker maintained by Johns Hopkins University – only this copy has trojan malware.
“Upon first launch, the app informs the user it does not require special access, but subsequently proceeds to request access to photos, media, files, device location,” explained Lookout security research engineer Kristin Del Rosso.
Fake mobile apps are not the only thing threatening users – emails on the subject of the coronavirus have also become another outlet for malware. Emails with document attachments claiming to have a list of precautionary measures against the infection can be phishing attempts, warned Quick Heal Security Labs director Himanshu Dubey.
“We see links or attachments that deliver information stealing malware which can steal the person’s website and bank credentials,” Dubey told ETtech.
The Cybersecurity and Infrastructure Security Agency (CISA) – an agency within the Department of Homeland Security – has warned that as more companies are allowing their employees to work from home amid the COVID-19 outbreak, the businesses open themselves up to more vulnerabilities that hackers can abuse.
In a recently issued notice, CISA explained that remote work options typically require an enterprise virtual private network (VPN) solution to connect employees to an organization’s IT network. But this can make employees ripe targets for malicious cyber actors looking to gain access to those networks.
CISA outlined some cybersecurity considerations:
• Since VPNs are kept on 24/7, organizations are less likely to keep them updated with the latest security updates and patches.
• Malicious cyber actors may increase phishing emails targeting teleworkers to steal their usernames and passwords.
• Organizations that do not use multi-factor authentication (MFA) for remote access are more susceptible to phishing.
• Organizations may have a limited number of VPN connections; this can lead to some critical business operations being hamstrung, like IT security functions.
The agency also recommended the following measures to mitigate VPN security issues:
• Update VPNs, network infrastructure devices, and devices used to remote into work environments.
• Alert employees to an expected increase in phishing attempts.
• Ensure IT security personnel are prepared to “ramp up” tasks such as log review, attack detection, and incident response and recovery.
• Implement MFA on all VPN connections.
• Ensure IT security personnel test VPN limitations in preparation for mass usage.
Contact the CSIA to report cyber incidents.