“Ever since the outbreak, we have observed increased volumes of phishing attacks as well as a number of malicious websites purporting to offer information or advice about the pandemic,” says Venugopal N, director, software engineering, Check Point Software Technologies.
The coronavirus pandemic has forced most organisations to work from home. Cybercriminals have been quick to capitalise on this, finding new avenues to initiate attacks on organisations. “Ever since the outbreak, we have observed increased volumes of phishing attacks as well as a number of malicious websites purporting to offer information or advice about the pandemic,” Venugopal N, director, software engineering, Check Point Software Technologies, tells Sudhir Chowdhary in an interview. Excerpts:
What challenges does the current scenario pose for companies from a security perspective?
According to Check Point’s research, 71% of IT and security professionals globally report an increase in security threats and attacks. The threat actors have been quick to exploit the remote working environments. Cybercriminals are deploying innovative methods to capitalise on the latest trends and news around the virus to boost the success rates of their attacks. Ever since the outbreak, we have observed increased volumes of phishing attacks as well as a number of malicious websites purporting to offer information or advice about the pandemic.
The hackers are also using malicious websites to exploit the Covid-19 related financial incentives and relief packages rolled out by the governments.
What are the new modes of attacks that hackers are adopting now?
Since mid-February we have seen an escalation in the number of coronavirus-related domains being registered. It is mainly phishing via email or fraudulent websites. The risks vary—online scams, asking for payment details, credentials or personal information, and could also be websites from which malware is downloaded to the user’s device.
Since our last update on April 2, almost 17,000 new coronavirus-related domains had been registered (16,989 to be exact). Around 2% of those domains were found to be malicious, and another 21% suspicious. In all, there have been 68,000 coronavirus-related domains registered since the beginning of the outbreak in January.
What should users keep in mind at a time like this?
While phishing is the starting point for most cyber-attacks. To stay safe, some of the golden rules are:
— Beware of lookalike domains, spelling errors in emails or websites, and unfamiliar email senders.
— Be cautious with files received via email from unknown senders, especially if they prompt for a certain action you would not usually do.
— Ensure you are ordering goods from an authentic source. One way to do this is not to click on promotional links in emails, and instead, Google your desired retailer and click the link from the Google results page.
— Make sure you do not reuse passwords between different applications and accounts.
Can you suggest some basic precautions that organisations should keep in mind?
Some of the factors that organisations need to consider are:
Trust no-one: Your entire remote access plan must be built using the mindset of zero trust where everything must be verified, and nothing should be assumed.
Every endpoint needs attention: You have to think ahead about how to handle the threats posed by data leakage, attacks propagating from device into your network. Ensure that the overall security posture of the devices are sufficient.
Stress-test your infrastructure: In order to incorporate secure remote access tools into your workflows, its critical to have a VPN or an SDP.
Define your data: Make no assumptions about previous data management. Take a granular approach which will serve you well once remote access is fully enabled.
How should organisations tackle threats arising from BYOD?
Today, every business is a mobile business, with requirements to safeguard business data, provide secure mobile access to business documents and keep mobile devices safe from threats.
We are beginning to see the first SMS phishing messages regarding Covid hit mobile users. In 2019, 34% of organisations worldwide were hit by mobile malware, with the leading three malware types targeting the Android OS