Cyber Attacks On Increase During Covid-19

Summarise on:
Charu Pel

Charu Pel

6 min Read

LinkedInTwitterEmail

Cyber Attacks On Increase During Covid-19

We noted in the last blog that organizations face new challenges and have to prepare for new risks. The sudden change in the way the business is kept functional has a direct impact not just on business continuity but various other risks such as Cybersecurity/Technology Risk, Fraud Risk, Employee/Third Party Fraud Risk, Ethics and Compliance Risk, Reputation Risk, Operational Risk, Financial Risk, Supply Chain Risk, Health & Safety, Key Person Dependency Risk, Regulatory Risk, and Market Decline Risk. The link below provides more insight into how internal auditors can add more value during the critical time by being agile.

https://www.linkedin.com/posts/charupel_cyber-security-covid19-risks-audit-plan-activity-6655466815331844097--u7-/

This blog is part of our ongoing COVID 19 Cyber Security series. Each piece focuses on a different area impacted due to COVID 19and aims to answer the questions that are important to your business. Read more to learn about ongoing cyber-attacks that continue to cause damage during COVID-19.

What cyber attack increase indicators were reported during COVID-19?

  1. Since the declaration of the pandemic on March 11th by WHO, IBM X-force reported a 6000% increase in COVID-19 related spams. The small business owners and consumers are most impacted by phishing.
  2. Google reported in the second week of April blocking more than 100 million phishing emails. The Google team saw 18 million daily malware and phishing emails related to COVID-19 in addition to more than 240 million COVID-related daily spam messages.
  3. Barracuda researchers reported a steady increase in the number of coronavirus or COVID-19-related spear-phishing attacks since January 2020, but they have observed a recent spike in this type of attack, up to 667-percent since the end of February 2020.
  4. COVID-19 is being used in a variety of malicious campaigns including email spam, malware, ransomware, and malicious domains. The Netflix subscription messages in different forms and URLs are floating around. Some of them are promising free 6-month subscription if registered within 24 hour and other are offering 2 months subscription.
  5. According to the latest Malwarebytes statistics, web skimming increased by 26 percent in March over the previous month.
  6. Domain registrar, Namecheap is no longer accepting any new domain applications including the words "coronavirus," "COVID," and "vaccine," among other versions of words and phrases alluding to the ongoing COVID-19 pandemic. The measure is to prevent abuse and fraud from sites trying to hawk fake products and misinformation and otherwise capitalize on the ongoing global health crisis.

What resources help address these COVID-19 cybersecurity challenges?

Here is the quick look at the resources you have to address the above challenges:

  • 1. The United Kingdom's National Cyber Security Centre (NCSC) and the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) have jointly provided practical advisory for individuals and organizations on how to deal with COVID-19 related malicious cyber activity.

Link: https://www.ncsc.gov.uk/news/covid-19-exploited-by-cyber-actors-advisory

  • FBI shared DOs and DONTs about the following topics:
  • Teleworking (Remote work online)
  • Education Technology Tips
  • BEC (business email compromise) Tips
  • Cyber Crime Vulnerability Tips

Link: https://www.ic3.gov/media/2020/200401.aspx

What quick-tip resources are recommended for COVID-19 challenges?

Quick tips for addressing COVID-19 Challenges

ResourceLink
COVID-19 Guidance for Small and Large Businesseshttps://www.linkedin.com/posts/charupel_coronavirus-guidance-for-small-and-large-activity-6642842725655859200-v13D/
Remote Work Easy Fix Cyber Security Checklisthttps://www.linkedin.com/posts/charupel_remote-work-senior-management-director-activity-6648460735728934912-IFX8/
COVID-19 -Third-Party Risk Management Serieshttps://www.linkedin.com/posts/charupel_monday-morning-cyber-security-thrid-party-activity-6627941269656133632-XYnN/
COVID-19 - How to Protect Against Malware Serieshttps://www.linkedin.com/posts/charupel_how-to-protect-against-malware-part-iv-activity-6579525962428403712-1ZFa/

Why should organizations block newly registered domains?

  • Blocking newly registered domains (NRDs) as the sites specifically created with the purpose of committing a cyber crime tend to be much younger.
COVID-19

GRC Insights That Matter

Exclusive updates on governance, risk, compliance, privacy, and audits — straight from industry experts.

Related Resources

Related Posts

COVID-19 Quick Remote Work Cyber Security Checklist
Cybersecurity
COVID-19 Quick Remote Work Cyber Security Checklist

A practical remote-work cybersecurity checklist for leadership and employees with role-based controls and phishing-awareness prompts.

Read More
COVID-19 Risks & Audits
Cybersecurity
COVID-19 Risks & Audits

Understand key risk areas and focused audit priorities for continuity, cybersecurity, third-party exposure, and crisis response.

Read More
COVID-19 Easy Fix Remote Work Cyber Security Checklist
Cybersecurity
COVID-19 Easy Fix Remote Work Cyber Security Checklist

Use a quick action checklist to improve remote-work security posture, endpoint hygiene, and incident-readiness under disruption.

Read More
background-line