Teach a Man to Phish
Covid-19 has brought out the best in a lot of people. At the same time, if you’re someone who preys on the weak, this global pandemic is a banquet. If you’re anything like us you’ve seen a huge increase in phishing and scam calls since all of this began in earnest.
Interestingly, so have corporations. INTERPOL released a report warning that cybercrime attacks have shifted from mostly individuals and small businesses to major corporations, government offices, and, most worryingly, critical infrastructure.
INTERPOL Sec. General Jürgen Stock says: “Cybercriminals are developing and boosting their attacks at an alarming pace, exploiting the fear and uncertainty caused by the unstable social and economic situation created by COVID-19.”
The constant sense of chaos and worry isn’t something we just feel as individuals. Companies “feel” it, too, as the particulars of doing business shift, the profits drop, and the future is anyone’s guess. Thousands of businesses have succumbed to the virus, with more than 3,600 filing for bankruptcy in the first half of 2020. And we don’t mean just small, mom & pop shops (though it’s looking like 2020 will see the death of small business in the United States) — J. Crew, Brooks Brothers, Hertz, Neiman Marcus, Gold’s Gym, and a host of others have filed Chapter 11 in the past two months.
Nothing is certain. And the small surge of hope business owners felt in May as states began to reopen and commerce increased evaporated by June as coronavirus cases started to sharply rise. Again.
And it’s not just the economic uncertainty they’re exploiting.
One thing that became clear by about April was how woefully unprepared we were for a pandemic. We the people, and we the tech world. Even though many companies had already begun preparing for global shakeups, the sheer speed of COVID-19 and the resulting lockdowns caught IT departments both big and small completely off guard.
The shift to fully remote work exposed every crack in infrastructure, and 90% of surveyed CXOs say they experienced a precipitous increase in cyberattacks. IT departments were overwhelmed, and the challenges of making security extend past the office walls became clear. Almost no one was ready.
Even companies you’d think would be. At the end of July Twitter was hacked, and while the ensuing chaos gave everyone something to laugh about for a day, it exposed massive vulnerabilities and resulted in some substantial criminal charges.
Security experts fear that this won’t stop, and even when/if a vaccine is available, it'll provide entirely new opportunities to scam the unaware as they offer fakes and false promises.
COVID-19 has presented a once-in-a-lifetime chance for hackers and scammers to not only target individuals made vulnerable by stress and fear, but companies made insecure by circumstance. Weirdly (and by weird we mean horrifying), only 30% of surveyed executives think cybersecurity will remain a high priority after the pandemic.
How can that be? While the cost of beefed-up security and a better-equipped IT department can be substantial, we’re looking at a new normal of remote work. While some companies will return to their pre-pandemic, brick-and-mortar forms, more will allow at least partial remote work.
Laptops go home and stay there.
The business of doing business has shifted, and if companies don’t adapt, they’ll be casualties.#cybercrime #security #twitter