Surge in Covid-themed cyberattacks
Cases of tricking people into giving up credentials are rising
Washington, March 18: It may look like an email from a supervisor with an attachment on the new “work from home policy”. But it could be a cleverly designed scheme to hack into your network.
The abrupt move of millions of people to working remotely has sparked an unprecedented volume of attacks to trick people into giving up credentials to attackers, according to security researchers. “We’ve never seen anything like this,” said Sherrod DeGrippo, head of threat research for the security firm Proofpoint. “We are seeing campaigns with message volumes up to hundreds of thousands which are leveraging this Covid-19.
“The pandemic has created a perfect storm for cyberattacks, with millions of people working in unfamiliar, less secure circumstances and eager for information about the virus and new organisational policies being implemented. This opens up an avenue for malicious actors using phishing emails or “social engineering” to gain access or steal sensitive information. When someone is working form their home it is a similar threat profile as at an airport or a Starbucks, you just don’t have that protection you might have in the workplace,” DeGrippo said.
“And if we are home with family where we feel safe, you might see a member hop on to do homework, and might not understand security controls. Keeping mom’s and dad’s computer for mom and dad is the right thing to do.”
Tom Pendergast of security and privacy training firm MediaPRO said many of the millions of people adjusting to the new landscape are unprepared for teleworking.