The world has moved, virtually, to a new order since the COVID pandemic began. In India we’ve seen a lockdown come into force from March 24th, which continues till today in different forms, based on the zone-wise categorization of each geography.
An immediate impact of the lockdown has been the confinement of people in their homes. Working from home (WFH) has become the new reality for many who are now constantly required to be online while at their residences. Furthermore, with loss of jobs, many others are also finding themselves frequently on the internet, looking for sources of earnings or for new jobs.
However, cyber miscreants have noted this increased online activity on relatively under-secured home networks, and are taking huge advantage of the opportunity it presents to them. These bad actors have even adapted their lures to capitalise on the COVID-19 outbreak.
A familiar cyber-security firm states that between January and April, the number of cyber-scams has touched more than 1.6 million, which is at least thrice the number for the previous period. The risk is especially high for organisations that deal with sensitive financial or other customer data such as banks, NBFCs, healthcare companies, and even for governmental agencies or organisations which can solicit funds for COVID-19 related work such as the WHO.
What kind of attacks have surfaced during the lockdown?
The Computer Emergency Response Team of India (CERT-In) in its advisory has highlighted that cyber criminals are taking the lockdown as an opportunity to send phishing emails claiming to have important updates, or encouraging donations while impersonating trustworthy organisations. Here are some of the commonly observed incidents in India and other countries, as reported by Interpol, Google and other authoritative sources:
- Creation of Malicious domains
These are domains on the Internet that contain the terms “coronavirus”, “corona-virus”, “covid19” and “covid-19”. While some are genuine websites, thousands of new sites are being created by bad actors every day to run spam campaigns, carry out phishing or spread malware.
- Malware
Malware such as spyware and Trojans has been found embedded in websites, especially in interactive coronavirus maps. Spam emails try to trick users into clicking links that download malware to their computers or devices.
- Ransomware
Hospitals and public institutions are increasingly being targeted by ransomware attacks delivered through emails containing infected links or attachments, leaked employee credentials, or any other vulnerability in their systems. Many of them are already stretched by the healthcare requirements of the situation and cannot afford to stay offline. Criminals exploit these factors to pressure them into paying a ransom to keep their data intact.
- Phishing and impersonation
Phishing is one of the most effective methods that attackers use to compromise accounts and gain access to data and resources. As per Google, there are over 240 million COVID spam messages being sent daily, many with malware embedded, and 100 million phishing accounts are being blocked by Gmail every day. Fear and financial incentives are common phishing techniques used to try and get user information. Other ways include impersonation of trusted entities, e.g. impersonation of the WHO to solicit donations and to distribute malware such as downloadable files that can install backdoors meant to capture your data. Some clever phishing emails even impersonate employers to their employees, or claim to offer government stimulus packages to employees of small businesses.
- Targeting of Individuals
Another alarming trend is that individuals have become easy targets of cyber-attacks more than ever. Unlicensed software, missing software updates, and the absence of sufficient protection from firewalls, VPNs or anti-virus software make them most vulnerable. Fake SIM card scams and the Paytm wallet-doubling scam that have emerged recently are threats to both individual and national security, and are often run via Telegram and the dark net.
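To illustrate the malicious-domain item above, here is an added example (not from the original article) that screens DNS query logs for hostnames containing the four terms listed there and reports which clients looked them up. The log format, the allowlist and all `.example` hostnames are constructed assumptions; because some COVID-themed sites are genuine, a match is a reason to review a domain, not proof that it is malicious.

```python
from collections import defaultdict

# The four terms the article lists; hyphens are stripped before matching,
# so "covid-19" and "corona-virus" collapse onto the two stems below.
STEMS = ("coronavirus", "covid19")

# Assumption: domains the organisation has already verified as genuine.
ALLOWLIST = {"covid19-helpdesk.example"}

# Constructed DNS query log: "<timestamp> <client> <queried name>"
SAMPLE_LOG = """\
2020-05-04T09:12:01 10.0.0.21 www.covid-19-relief-fund.example.
2020-05-04T09:12:07 10.0.0.21 mail.corp.example.
2020-05-04T09:13:44 10.0.0.35 Corona-Virus-Map.example.
2020-05-04T09:15:02 10.0.0.35 portal.covid19-helpdesk.example.
2020-05-04T09:16:30 10.0.0.40 www.covid-19-relief-fund.example.
malformed line
"""

def themed_stem(hostname):
    """Return the COVID stem found in hostname, or None."""
    squashed = hostname.lower().rstrip(".").replace("-", "")
    return next((s for s in STEMS if s in squashed), None)

def allowlisted(hostname):
    """True if hostname is an allowlisted domain or a subdomain of one."""
    host = hostname.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in ALLOWLIST)

def review_queue(log_text):
    """Map each unverified COVID-themed hostname to the clients that queried it."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip lines that do not fit the assumed format
        _, client, qname = parts
        if themed_stem(qname) and not allowlisted(qname):
            hits[qname.lower().rstrip(".")].add(client)
    return {host: sorted(clients) for host, clients in hits.items()}

if __name__ == "__main__":
    for host, clients in sorted(review_queue(SAMPLE_LOG).items()):
        print(host, themed_stem(host), clients)
```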
What are the recommendations and tips for prevention of cyber-attacks?
- Keep your information safe – back up your important files, and store them away from your system (e.g. use the cloud, or an external drive);
- Always check that you are on a company’s legitimate website before entering login details / other sensitive information.
- Use the latest system software and anti-virus software on your computer and mobile devices;
- Strengthen your home network with strong passwords, two factor authentication (2FA) and VPNs;
- Download mobile applications or any other software from authorised platforms such as the Google Play Store, Apple App store, or Microsoft Store;
- Perform regular virus scans on your computers and devices;
- Educate your family, including the children, about how to stay safe online;
- Update and strengthen your passwords (using a mix of uppercase, lowercase, numbers and special characters helps) and update your privacy settings on Social Media accounts;
- Do not click on links or open attachments in emails that you were not expecting to receive, or that come from an unknown sender.
- If you believe you are the victim of a crime, contact the relevant regulatory authorities.
Finally, a word to the wise – despite all the awareness of cyber-crime and the best protection that you can deploy, a hacker or a phishing attack might still catch you unaware. A good Cyber-Insurance Policy is invaluable to manage this risk and mitigate any losses you might suffer. Good policies offer benefits like covering you and your organization up to 100% against any losses due to unauthorized transactions, phishing or e-mail spoofing. Your digital assets can be protected from malware attacks. Further, you can also opt for personal protection for your digital and financial assets and include your spouse and two dependent children in your policy, to cover them against any losses they might suffer due to cyber-criminal activity.