As of this writing, the COVID-19 Coronavirus outbreak has topped 116,000 cases and continues to spread. Recently, the death count from the virus has surpassed 4,000 while over 5,000 others are currently in serious or critical condition. In one way or another, all industries are feeling the impact of the outbreak. Most notably, the travel industry has suffered tremendously due to the Coronavirus. Airlines, hotels, and cruises across the world have had to bring operations to a halt. The medical field has experienced a shortage in masks causing hospitals to make tough decisions on who gets masks and who doesn’t. Along with these and many others, the cyber threat landscape has also felt the weight of the consequences surrounding the Coronavirus. Here are a few ways the Coronavirus is impacting cybersecurity.
Scammers and criminals preying on fear
The Coronavirus has caused a heightened anxiety level for many people. Worry and fear follow people wherever they go- especially when accessing the internet. Criminals are preying on fearful individuals with Coronavirus phishing emails laced with malware. The World Health Organization (WHO) published an alert warning of scams associated COVID-19 in which criminals were posing as WHO representatives in hopes of gaining access to bank accounts or personal information. If you are contacted by a person or organization that appears to be from WHO, verify their authenticity before responding.
As a reminder, the World Health Organization will:
- never ask you to login to view safety information
- never email attachments you didn’t ask for
- never ask you to visit a link outside of www.who.int
- never charge money to apply for a job, register for a conference, or reserve a hotel
- never conduct lotteries or offer prizes, grants, certificates or funding through email
- never ask you to donate directly to emergency response plans or funding appeals.
Beware that criminals use email, websites, phone calls, text messages, and even fax messages for their scams. You can verify if communication is legitimate by contacting WHO directly.
Some phishing campaigns have linked PDF attachments offering Coronavirus safety measures, while others have manipulated news events to garner clicks.
Disruption of workflow
Many companies are having to quarantine their workforce. Companies are having to consider who is physically able to work from an office and who isn’t. This can disrupt workflow for teams as collaborative communication is often strained. Remote employees may still access their company’s network by using a Virtual Private Network (VPN). The problem with this is that an increased number of people using the company’s VPN can result in more targets for exploitation. Patching software can also be delayed due to lack of IT representatives on site.
Slowing down supply chains
The stock market continues to take a major hit due to the Coronavirus and it doesn’t seem to be slowing down. In a research note shared with Supply Chain Dive, Goldman Sachs said, “US companies will generate no earning growth in 2020.” Businesses relying on third-party outsourced information technology services might see disruptions in operations. These disruptions could create vulnerabilities that cybercriminals will try to exploit. Updates to business continuity plans will need to be made so that companies can manage disruptions involving their IT supply chains.
The risk of losing data
More employees working remotely also means that more company devices are being removed from the security of the office space. Removing these devices with individuals who are not accustomed to working outside the office can create risks that companies are unable to monitor. Devices are more likely to be lost or stolen. This jeopardizes the entire organization of losing valuable data or data falling into malicious hands.
The Coronavirus is impacting industries in numerous ways. It’s important to ensure that your organization is taking the necessary steps to prioritize the safety of employees while also securing company data. Make sure your employees are well educated on good cyber practices and can provide a solid line of defense even when working outside of the office!