The COVID-19 pandemic has forced organisations and individuals to embrace new practices such as social distancing and remote working. Governments are reconsidering ways to ensure that their countries are stable by developing and enforcing new economic plans. Nevertheless, while the world is focused on the health and economic threats posed by COVID-19, cyber criminals around the world undoubtedly are capitalizing on this crisis.

From our Cyber Intelligence Centre, we have observed a spike in phishing attacks, Malspams and ransomware attacks as attackers are using COVID-19 as bait to impersonate brands thereby misleading employees and customers. This will likely result in more infected personal computers and phones. Not only are businesses being targeted, end-users who download COVID-19 related applications are also being tricked into downloading ransomware disguised as legitimate applications.

In this blog post, are some of our thoughts on the impact of COVID-19 on cybersecurity.

With many employees working from home and students learning virtually, enterprise virtual private network (VPN) servers have now become a lifeline to companies/schools, and their security and availability will be a major focus going forward. In a bid to achieve this, there is a possibility that an organisation's unpreparedness will lead to security misconfiguration in VPNs thereby exposing sensitive information on the internet and also exposing the devices to Denial of Service (DoS) attacks. In addition to this, some users may utilise personal computers to perform official duties which could also pose a great amount of risk to organisations. Organisations should ensure VPN services are safe and reliable as there promises to be a lot more scrutiny against these services. Furthermore, employees should be advised against using personal computers for official purposes.

Globally, companies are downsizing their workforce to cope with the effects of COVID-19. Some people have also lost their means of livelihood due to the various restrictions of movement by governments across the world. This move would likely encourage the growth of cyber criminals as idle people with internet access who have lost their jobs from the effects of COVID-19 may see an opportunity to make a living out of this pandemic. Organisations considering laying off staff should enforce proper exit plans. Also, we encourage all who have lost their jobs or currently being restricted to a location to consider taking this period to learn a new profitable skill and undertake online courses.

Just as we have learned as a society to impliment new behaviours and prevantitive measures to curb the spread of Covid19, we should too as impliment preventative cyber security measures so as to protect our work related data and personal data against this new wave of cyber crime.