New Delhi: With businesses operating indoor, there is increased risk of security breaches and threats which can lead to loss of data, breaches of privacy or holding systems to ransom, and more. Cybersecurity expert Col. Inderjeet Singh details different types of cyberattacks and how to prevent them.
Companies shifted to remote working
When COVID-19 started spreading, it was kind of a situation where none of the industry was ready for it. Everybody was forced to switch their business operations from offices to homes. However, most of the SME and larger enterprise had never tested their business continuity plan and risk management to this scale. No one was never ready for this transition and run their businesses from home, the way they are doing now.
In addition to the business operations, a bigger challenge that was faced by enterprises was business continuity with third-party suppliers. Bigger challenges faced were employee attendance, creating a congenial work atmosphere, which was required to be created. There were inadequate controls for people who were going to work from home and there were the challenges of corporate data leaks and data protection.
With these challenges in shifting of business operations at the strategic level, business owners did their best of that they could do keeping the health of employees as their paramount importance and taking a big hit on business operations. It gave an opportunity for most of the enterprises to testify their business continuity and risk management plans. This pandemic gave an opportunity to work out a disaster recovery plan to be put in place, as also an incident response plan and cyber resiliency. So strategically speaking, enterprises had to align these plans to employees who are now working from home.
Cyberattacks on the rise since the start of the coronavirus outbreak
Inderjeet explained that as the coronavirus started spreading, so did the number of cyberattacks. Hackers started taking advantage of this situation and targeted every sector. Healthcare has emerged as one of the major sectors, depending on IT Services. Cyber attacks in the healthcare sector have increased multifold and interestingly, it is a new IT sector in times to come. While most of the pharma companies are developing and testing Coronavirus Vaccine, hackers and nation-state actors are trying to hack into ongoing vaccine trials using spear-phishing attacks, Malware, Ransomware, APTs. It has become really important to secure and protect healthcare sectors and pharma manufacturing plants against rising cyberattacks in a way that we never thought of earlier.
Cyber threats in the Banking industry
Banking is another sector where we all know that are growing threats from cyberattacks. During this pandemic, cyberattacks on the banking industry have become much more aggressive. Hackers have been targeting financial institutions with malware to gain user access. Interestingly, hackers changed the theme of cyberattacks as the coronavirus spread moved from China to other countries. When it moved to Europe or the US, the themes adopted by hackers were different from when it is in India for cyberattacks on financial institutions. The hackers are very smart with what they are doing today when everyone is struggling physically and mentally to this pandemic.
Critical infrastructure cyberattacks a greater concern than enterprise data breaches
In addition, we have seen a growing number of cyberattacks on critical infrastructure such as power grid, water plants, oil and gas plants, telecom networks, and securing these networks are a bigger challenge. Due to the coronavirus pandemic, when most of the employees are not able to monitor the critical infrastructure round the clock like before while most of the employees are working from home, hackers and nation-state actors are taking advantage of this opportunity to launch cyberattacks of critical information infrastructure. Safeguarding these critical infrastructures from cyberattacks is very important from any nation’s security perspective.
What is Phishing e-mail?
Phishing e-mail is the most common method being used by the hackers to drop malware payloads in mailboxes and make them fall prey to these scams. Phishing emails increased by almost 600% in the last couple of months. For example, if an email comes to anyone saying that this is from WHO and with the attachment of dos and don’ts of the Coronavirus, the user would definitely fall prey to this trap and will download and that’s where the problem starts. Once anyone clicks on the suspicious link in the email or download any attachment, it either takes the user to suspicious link to steal the credentials or execute malware in the laptop / PC, to steal or encrypt their data. Surprisingly, there was more than one lakh domain that came up during Feb-Mar linked to coronavirus, though all of them may not be suspicious. Many of them were of malicious nature and used for scamming people. So what do you need to do practically?
Some of the cybersecurity tips/cybersecurity prevention plan to be followed are:
Also read: Cyber cell sounds alert after rise in online frauds in Kashmir
