You might have noticed some recent headlines in the news that are alarming to those of us in the cybersecurity field:
“Hackers are seizing on coronavirus fears to steal data”
“German government loses tens of millions of Euros in COVID-19 phishing attack”
“‘Click for urgent coronavirus update’: How working form home increases exposure to cybercrime”
In this time of unprecedented chaos and disruption, the bad guys, those who want to hack networks and steal data, have not slowed down. As a matter of fact, they’ve increased their efforts.
When it comes to cybersecurity, chaos equals opportunity. Cybercrime is big business and highly profitable. The FBI’s Internet Crime Complaint Center (IC3) reports that from 2014-2018 over $7.45 billion dollars in financial losses were incurred as a result of cybercrime. And as a result of the coronavirus, the FBI has seen their reports of cybercrime triple.
The criminals are using this period of uncertainty and fear to take advantage of unsuspecting individuals. The threats come in different varieties, everything from malware embedded in emails to malicious coronavirus websites to fake Coronavirus charities.
Google Cloud recently reported that in the prior week they had seen over 18 million daily malware and phishing emails related to COVID-19, in addition to over 240 million COVID-19 spam messages.
Primary Threat Vector: Email
For years, email has been the primary threat vector for hackers and cybercriminals. The same is true now. And why is that? Email originally was not built with security in mind but now over 95% of network breaches begin with email. There are literally hundreds of thousands of email phishing scams taking place right now.
The RSA Cybersecurity group estimates that there were over 250,000 email phishing scams worldwide in 2019. That’s one every two minutes. In the old days, the phishing scams were simple annoyances, like the Nigerian Prince Email Scam. We might open our inbox and see something like this:
It is my great honor to write you this letter, which I believe will be a great surprise to you. I am a prince, living in exile…”
What follows is then an invitation to assist the prince in gaining access to hidden millions. Interestingly enough people still fall for this scam even having been around for over a decade – Americans lose about $700,000 a year to the Nigerian Prince scam.
But now in the age of the Coronavirus pandemic, it’s not a message from a Nigerian Prince. Now it involves many origins:
- An urgent message about a COVID-19 update.
- Or a representative from the World Health Organization (WHO) soliciting donations for a Coronavirus relief charity.
- Or a message from the “Admin Department” instructing all remote workers to click a link to update your information in the employee directory.
- A “vendor” who is instructing you to download an invoice for your review.
The bad guys are using email to scam people out of their stimulus checks, their unemployment benefits, or simply to infect their machines with malware and ransomware.
How to Protect Yourself
Malicious URLs: Every URL does not take you to a site that can infect your machine and network with malware – but it might. So how do you protect yourself? Unfortunately, you really have to be very much a negative thinker. Negative thinkers walk around and always assume the worst and in protecting yourself from malicious URLs you need to do the same.
Here is a difficult reality I’ve learned while sheltering in place from the coronavirus – people can infect you without realizing it or even meaning to. Never click a link from someone you don’t know and don’t necessarily click links from people you do know. My family is notorious for sending me emails about the latest conspiracy theory, with a link to some suspicious site so we need to assume that URLs are dangerous.
Fortunately, there are some simple tools at our disposal. Google has a Safe Browsing website where you can gather up to date information about whether malware has been detected on a particular site.
Well I certainly hope you didn’t just click on that! Haven’t you been listening: Trust no one – not even a cybersecurity blogger. You can find the same URL by opening a browser and typing ‘Google Safe Browsing’. And for heaven’s sake, I certainly hope you haven’t been clicking on any of the Hyperlink text in this blog posting so far!
Before I started working on this article, I was going to say it was okay to click on links from YouTube and Facebook. Wrong! There are a number of phishing scams that are making use of YouTube and Facebook domains so be intelligently suspicious of all URLs in emails.
Attachments = Malware
It’s a sad state of affairs but sadly we have to assume that attachments contain malware. Hopefully your laptop has some type of antivirus or anti-malware software installed.
Be aware that not everybody has antivirus or anti-malware software. A large number of individuals have no malware or anti-virus installed. Mac users often have no separate anti-virus partly because the Mac OS has been seen as relatively secure, particularly in comparison to a Windows-based machine. As a matter of fact Apple itself says, “The best way to keep your Mac secure is to run the latest software.”
But there has been a dramatic increase in malware threats aimed at the Mac. Malwarebytes in their 2020 State of Malware report noted a 400% increase in attacks aimed at the Mac for 2019 as compared to 2018.
The decision about whether to have virus and malware protection on your machine and what protection you need is an individual one. However, it is critical that you have a mechanism to scan files for viruses and malware to help protect yourself and your network.
One particularly useful online tool is www.virustotal.com. Virus Total is owned by Google, and scans files using 65 separate virus engines. If you have a file that you need to download or a file you suspect contains malware or simply a file you are about to download, you can go to www.virustotal.com and enter the link were the file to be downloaded is stored. Virus Total will give you a comprehensive scan of the file, and unlike Google Safe Browsing which also scans URLs, Virus Total allows you to upload files to be scanned.
As we need to be vigilant about protecting the physical health of ourselves and our loved ones, we also need to be careful in protecting the safety of our home and corporate networks. As with any safety precautions, paranoia is not necessary. Vigilance on the other hand is essential.
Stay healthy. Stay safe.
Cybersecurity Training Resources:
Cisco Security Certifications
CISSP (Certified Information Systems Security Professional Prep Course)