It is important to take steps to limit the impact malware would cause, and speed up effective response.
By Siddharth Vishwanath
COVID-19 forced organisations and individuals to embrace remote working almost overnight. While the world at large focused on the challenges around health and the economy, cybercriminals around the world saw it as a window of opportunity. Our researchers from our Cyber Protection Center in Kolkata, who continuously monitor attack patterns, saw a spike as high as 100% when it came to phishing and brute force attacks targeting Indian organisations. Based on an analyst report, in June alone there was a daily average of around 316 billion spam messages, with India always featuring in the top 10 countries being targeted. These attacks seem to largely originate from countries such as China, the US and smaller countries in Europe, among others.
Close to home, we’ve had some publicly known hacks. Notable among them was that of an IT services giant, which was orchestrated with the help of malware. A popular form of malware is ransomware. It is malware that prevents you from getting access to your computer (or the data stored in it). What makes malware or ransomware so potent is the fact that there’s no single solution or tool available that can help organisations build capabilities to defend themselves. Working with our clients, which include some of the leading organisations in their respective sectors, we almost always suggest that one should adopt a ‘defence-in-depth’ approach. This means using layers of defence with several mitigations at each layer. This gives more opportunities to detect malware, and then stop it before it causes real harm to an organisation.
As per a PwC study, many Indian organisations saw a 100% increase in attacks between 17 and 20 February 2020. Also, there was a 66% increase in detections by endpoint security systems in March 2020 and a 100% increase in brute force attacks in March 2020 on internet-exposed systems.
While organisations struggle to adapt to the new normal, the new remote worker has actually expanded the threat landscape and is now being targeted more. According to monitoring data published by Google, there has been a 350% surge in phishing websites during the pandemic. According to Trend Micro, there’s been a 220x increase in spam from February to March 2020 and almost 48,000 hits on malicious URLs related to COVID-19. Furthermore, there was a 260% increase in malicious URL hits from February to March 2020.
While the situation may seem grim, it is not all gloom and doom. We’ve seen organisations really switch gears and address the challenges at hand. Unfortunately, there’s no silver bullet or one-size-fits-all approach when it comes to recovery strategies, and each needs to be customised and tailored according to the crisis at hand.
However, all effective strategies include a clearly defined and tested incident response plan; all teams from IT (application, infrastructure and security) working together can help overcome crisis situations. For organisations, the biggest learning from this crisis is to include Black Swan scenarios while drafting and testing their crisis strategy. When developing response strategies, it is prudent for organisations to cover, as far as possible, all types of crises, including those which are low probability but high impact.