Cybersecurity Briefing: COVID-19 Exploitation and Rising Threats (April 8, 2020)

Lead Story: COVID-19 Exploitation by Cybercriminals

On April 8, 2020, the United States Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) and the UK’s National Cyber Security Centre (NCSC) issued a joint advisory regarding the exploitation of the COVID-19 pandemic by cybercriminals and advanced persistent threat (APT) groups. The advisory reported a significant uptick in malicious cyber activities, including phishing schemes and malware distribution leveraging COVID-19 themes to deceive victims. Cybercriminals created fake websites and applications masquerading as legitimate COVID-19 resources, significantly increasing the risk to individuals and organizations. This alarming trend highlights the need for heightened vigilance and robust cybersecurity measures during such crises.

Secondary Item 1: Rise in Vulnerabilities with Remote Work

The rapid transition to remote work due to COVID-19 has left many organizations utilizing potentially vulnerable services such as Virtual Private Networks (VPNs). This shift has heightened the risk of breaches as cybercriminals adapt their tactics to exploit these newly introduced vulnerabilities. CISA's advisory emphasized the importance of securing remote work setups to mitigate these risks.

Secondary Item 2: General Trends in Cybersecurity

Alongside the rise in phishing and malware incidents, there has been a notable increase in overall cybersecurity threats as organizations grapple with the complexities of remote work. Cybercriminals have quickly adjusted their approaches, taking advantage of the significant changes in work environments and the heightened anxiety around health crises. This adaptability of threat actors underscores the necessity for continuous education and awareness in cybersecurity practices.

Secondary Item 3: Data Breaches Surge in 2020

2020 has seen a dramatic rise in the number of publicly reported data breaches, with analysts noting a 51% increase in the first three quarters compared to 2019. By the end of the year, billions of records had been exposed from various attacks, highlighting an alarming trend of escalating cyber threats during the pandemic. This surge demonstrates the critical need for organizations to implement robust security protocols and stay informed about emerging threats.

Analyst Perspective

The events of April 8, 2020, reveal a concerning trend in cybersecurity as criminals exploit global crises for malicious purposes. The significant increase in phishing attacks and vulnerabilities associated with remote work environments has created a perfect storm for cyber threats. Organizations must prioritize cybersecurity awareness and invest in protective measures to shield against evolving threats. As we continue to navigate the challenges of a pandemic, staying vigilant and informed is crucial to safeguarding sensitive information and maintaining trust in digital communications.