The Corona virus pandemic has taken the entire globe by storm. Economies are impacted, many businesses are struggling and many of us feel uncertain about the future. Through these somewhat precarious times, cyber-crimes have increased, leading to a general spike in ransomware, malware and phishing -mainly targeting employees who work from home. Even though the scenario may seem bleak, there is one upside from these attacks. The lessons we learn from these hackers will prepare us to better deal with future attacks.
CAPITILISING ON THE FEAR OF THE UNKNOWN
As the Covid-19 pandemic continues, people look to read and stay updated on the number of infected cases, corona virus related deaths, etc. Hackers have realised this and are aware that people would be expecting emails containing such information. They may pose as international organisations such as WHO, effectively gaining trust of the individual under the guise of a well-known global entity. The email may ask the person to click on a link to take them to a ‘live corona virus case counter’, however the link may be embedded with malicious malware which will then be downloaded on the computer or mobile device as soon as it’s clicked.
The fear of the pandemic leads to employees not really thinking twice before clicking on a link. Sometimes, tenacious hackers may even impersonate the employee’s company itself and users are more likely to click or download malicious content thinking it’s an internal email. It is imperative that all users carefully examine links and look out for any discrepancies in the email before clicking it. If there is any doubt in the genuineness of an email, a user should immediately report it.
RANSOMWARE ON HIGHLY VULNERABLE TARGETS
Ransomware is a form of malware that targets a victim’s files and encrypts them, not allowing the user to access their own files. It could come through clicking an email link, through a vulnerability in the system firewall or by posing as a trusted source and coercing sensitive data from a user such as passwords, also known as phishing. The hacker then demands that the victim pay a ransom amount in order to gain access to the encrypted files again. The victims are instructed in what way to pay the fee. It could be in the form of hundreds to thousands of dirhams in the form of bitcoin or cash.
During the pandemic, hackers have made their prime targets hospitals, clinics and all sorts of medical facilities. As these facilities are being overwhelmed by the high footfall of people during this public health crisis, they cannot afford to be locked out of their systems. Thus, they are highly likely to simply comply with the hacker’s demands and pay any sum of money in order to regain access quickly.
In order to better protect ourselves from ransomware, especially during this pandemic, here are a few steps that an organisation can take:
- Installing an up to date antivirus software which detects and protects computers from all malicious programs
- Never install or give administrative privileges to a software unless it is 100% genuine. When in doubt, consult or report it to your IT department
- Always back up files frequently. In case files are held at ransom, copies of the encrypted files will still be available for access
Cyber criminals will look at any opportunity to hack into a system and exploit its vulnerabilities. Even in the face of a global health crisis, they will attack any company for their own personal and financial gain. Companies and employees have to stay ever vigilant and up to date with the best practices of cyber security, like the few steps mentioned above, in order to stay one step ahead of the hackers.
