Cyber attacks of all types have intensified during the Covid-19 pandemic, with hackers targeting public figures, banks, healthcare providers. because the rise in remote work creates new access points. An assault on the power grid could have wide-ranging implications across sectors. While no outages have so far been attributed to hackers, grid companies are beefing up security amid an unprecedented onslaught that, during a worst-case scenario, could trigger blackouts or damage vital equipment.
COVID-19, hackers are presented with opportunities on multiple fronts. They play on people’s concerns about the virus by presenting phishing schemes or malware disguised in fake Centers for Disease Control and Prevention (CDC) alerts that mention the newest vaccine or treatment developments. Hackers quickly used the pandemic and related anxiety to lure people into phishing schemes and malware attacks. there’s also pressure on healthcare companies and researchers to safeguard their vaccine and treatment data.
Over the past few months, many workers have turned their homes into their new, remote offices, including government employees, which brought a variety of risks through the use of unsecured Wi-Fi and poor access controls. This shift toward home also because the underlying panic brought on by COVID-19 altered hackers, focus and targets aimed toward the remote worker.
Contact tracing issues
Another opportunity for hacking during the pandemic comes with contact tracing. Hackers found contact tracing apps a perfect protect phishing scheme, by misrepresenting official tracing accounts via email. Legitimate apps themselves also are targets for hackers who see them as a treasure trove of knowledge with individual names and addresses also as insights from contacts and movements.
ZOOM: Video Conferencing
Zoom video conferencing app has seen an unprecedented level of growth within the past month approximately. this is often mainly thanks to the coronavirus pandemic that has forced people to stay indoors and work from home, leaving voice and video calls the only way of communication. due to this sudden growth, several privacy and security concerns surrounding Zoom have come to the fore. Now, a fresh report claims that over 500,000 Zoom accounts are hacked and are being sold on the dark web.
Zoom accounts were reportedly being sold for $0.0020 (roughly Rs. 0.15) per account and in some cases, given away for free of charge.
Targeting remote workers
The massive shift toward remote work means more networks are accessed by employees on their own devices. Companies without a far off work component were left to scramble as shutdowns started, fixing place a patchwork of security protocols that always afforded little protection. Remote workers are enticing targets for hackers conducting data theft and ransomware.
Cyber Attacks in India since Lockdown:
Cyber security attacks and breaches within the country have jumped by 500% since the lockdown was first announced in March, consistent with security experts.
Most of the attacks are below the radar and include attacks on small companies, money lost, phishing.
According to reports, quite 22,000 pages of plans are leaked.
New cyber security policy coming for digital India
Prime Minister Narendra Modi said on 15th August that India will soon have a replacement cyber security policy because the country goes digital, and dependence on cyberspace increases manifold.
In a short span of some time, a draft of the latest cyber security policy would be presented to the state. within the coming times, we’ll get to integrate everything then work within the framework of this cyber security. we’ll formulate strategies to manoeuvre forth,” he said in his Independence Day speech.
Be on the Safe Side!
On the people side, training is required to bring at-home employees up to hurry on the newest sorts of attacks and proper defences that are necessary during this era of enhanced hacker activity. Education is vital. they have additional information about spotting fraudulent emails, and guidance to not click on links or download attachments from unfamiliar senders.
Mandates about the use of VPNs to access company data and platforms.
Automatic updating to get rid of security and patch gaps from manual updating.
IT and security should work together to speak more frequently with remote employees about the newest tech implementations, best practices, and any shift in expectations from corporate.
DDoS protections may impact the whole remote workforce which relies on accessing the company’s cloud platforms. More security-focused appliances also are needed within the cloud to support the infrastructure and protect against DDoS.
Use multi-factor authentication (MFA) to scale back access points for hackers to intrude home-based networks.
Mandate employees to remain off public Wi-Fi networks which give easy entry points for hackers.
Use monitoring tools to identify poor decisions like clicking on suspect sites, downloading attachments from unverified senders and other detrimental choices.
Use a secure program and communication platform.