CyberSecOp.com

View Original

Hackers Taking Advantage of Covid19 to attack major industries

With the unprecedented events of the past few months and no end in sight to the COVID-19 pandemic, hackers are leveraging the related chaos as a means of targeting, hi-jacking, infiltrating, and generally creating havoc among major industries around the globe.

The suddenness of the global governmental response combined with the rapid shift to remote work solutions has created a haphazard environment for many businesses that simply do not have the time to implement due diligence and information security controls. Unfortunately, the smart bad guys are taking advantage.

In California’s’ Bay Area, two school districts have become recent victims of breaches that exploited the unexpected thrust to online learning. Video conferencing sessions were hacked and infiltrated by uninvited guests; hundreds of online learning passwords were inadvertently exposed to public consumption. School administrators were left scrambling and ultimately had to ban all usage of video conferencing until proper security measures were implemented.

Hospitals and medical facilities are reeling from the virus spread, and hackers are paying no solace to this industry as they hammer away with targeted phishing campaigns and other website-based attacks. The World Health Organization (WHO) has reported several unsuccessful attacks against their network, with one geared around impersonating the WHO email system. Hammersmith Medicines Research (HMR) a UK based research team tasked with creating a Covid19 vaccine, unfortunately, did fall victim to a cyber-attack, as malicious actors were able to access and then post medical data from thousands of patients.

Education and healthcare are not the only sectors being infiltrated. Financial firms are being hit with targeted phishing attacks called whale or spear-phishing - Using Covid19 as the backdrop. Attackers are creating very specific, sophisticated emails that create a sense of urgency and ultimately increase the odds of the recipient becoming a victim.

It is an important time to ensure that your business leaders are setting an example by exhibiting best practice security behaviors that will ultimately set the tone and trickle down the entire organization. Top management commitment, effective strong policies that are communicated to the entire organization, and a measurable security awareness along with a sound risk management framework; are just some of the layers in security that will decrease the attack surface of any business.

CyberSecOp offers a full suite of cyber-security solutions that include:

  • Full Security Assessments

  • Gap Analysis

  • Policy Creation

  • Security Awareness Training and Measurement

  • 24/7 Security Operations Center (SOC)

  • Ransomware Response

  • Penetration Testing

  • Vulnerability Scanning and Management

  • Forensics

  • VISO (Virtual Information Security Officer)