IT Security in Times of Corona
19/10/2020 |

IT Security in Times of Corona

Cyber criminals have it particularly easy in times of general uncertainty.
To what extent does the corona virus endanger IT security, and what
should one pay attention to in order to counteract risks?

man holds laptop with text you've been hacked on screen

“Really safe” is basically only a little safe: That is a fact. Since March of this year, this fact gained in importance. These times of general uncertainty make it particularly easy for cyber criminals. For some time now, IT security experts have been warning of a wave of cybercrime on an unprecedented scale.

What Are We Dealing With?

Strictly speaking, cybercrime is, not to an insignificant extent, about psychology. Emails must be read, links clicked, documents downloaded and access rights granted if malware is to have an effect. This works best on nervous recipients. And unfortunately, a lot of people are insecure at the moment. It can be assumed that the effects of today’s crisis will permanently impact the IT security sector.

However, it must be noted that the challenges posed by advancing digital transformation have been known for some time. This shows that many companies have not done their security homework and have been neglecting it for a long time.

Plus, cyber criminals are also taking advantage of increased work in the home office.

Plus, cyber criminals are also taking advantage of increased work in the home office. From one day to the next, millions of people had to completely change their way of working. From a network managed by IT professionals, they moved to home offices where they are not protected by corporate firewalls and possibly professional antivirus programs.

For the IT security specialists themselves, the changeover has often been even more difficult, because at home they often lack the digital tools to monitor the network. Security staff usually look for unusual connections in a network. But when, as is currently the case, hundreds of new employees suddenly connect to companies via VPN tunnels, everything becomes much more confusing. Such a situation has never existed before and is a real chance for cybercriminals.

Cybersecurity is More Difficult in the Home Office

For many companies, home offices were still not a matter of course when the Corona crisis began. The difficult situation has virtually forced them to ensure that their employees can work from home, and there were quite a few major challenges that had to be overcome to make this happen. For example, a large number of additional devices had to be integrated into the companies’ respective IT infrastructures.

Attackers can use inadequately protected home computers to penetrate the VPN networks of companies and smuggle in malware. During a pandemic such as the current one, this can lead to even greater disasters than in normal times. For example, if this software cripples hospital networks, doctors could be prevented from saving lives!

The Hour of Cloud Services

Another consequence of the trend towards remote working, and often a prerequisites for this, is the increased use of cloud services. Operating a complete infrastructure oneself is often no longer possible without external cloud providers, so cloud computing has become a necessity.

It can therefore be stated that the Corona crisis is greatly accelerating a shift from on premise solutions and services to cloud services and managed services. This is likely to continue after the crisis passes.

Every opportunity should be taken to raise awareness of these again and again.

Safety Begins With Everyone

Despite everything, IT security is not only a matter for IT departments or security specialists. Rather, the responsibility of each individual employee is also required — especially now when in the home office.

Supposedly little things, like

are an important basis for safe working. Every opportunity should be taken to raise awareness of these again and again.

A lack of security awareness often has to do with unsatisfactory user-friendliness and too great complexity of security solutions. IT security must be user-friendly. The digital world is becoming more and more complex and requires even more automated and easily accessible IT security — ideally with uniform solutions.

Unfortunately, Money is Earned During Crises

Waves of fraud and abuse are also making themselves felt among domain registrars, because anyone who wants to build a new website first needs the foundation. For example, since January, the IT security company DomainTools which monitors this area has been registering significantly more new Internet addresses related to the corona virus: “covid19help.com,” “testmycorona.com” or “quarantinder.com.” It is not uncommon for such sites to be registered by cybercriminals in order to make money from the crisis.

The coronavirus is being used to initiate almost every kind of cybercrime, from fake web shops and fake business emails to phishing campaigns and attacks by state hackers.

For example, the US Department of Justice took the site “coronavirusmedicalkit.com” off the net. On this site, an alleged test kit including a vaccine from the World Health Organization (WHO) was offered for a five dollar shipping fee.

On the page “antivirus-covid19.site,” an app was advertised that uses artificial intelligence to protect against the virus. Instead, malware was distributed that spied on the victims. Similarly, a lot of Android apps pretended to track infected people nearby, but were actually only there to give credit card details to criminals or to encrypt their cell phones and demand ransom money to unlock the devices.

Also popular at present are phishing e-mails with cards that look like the Johns Hopkins University coronavirus dashboard showing the number of infected people or false appeals for donations to the World Health Organization (WHO).

There is a consensus among most experts that the corona virus-related cybercrime wave is only just beginning. The fear of the pathogen will remain an important psychological lever for the majority of cyber-attacks. Unfortunately.

What Does It Look Like in the Companies?

A study conducted by Bitdefender in the summer of 2020 examined the enduring impact of COVID-19 on cybersecurity and took into account the views and opinions of over 6,700 Infosec professionals in 10 countries.

Here are some insights:

  • 50% had no contingency plan for COVID-19.
  • 86% admitted that attacks increased during this period.
  • 81% believe that COVID will change the way their companies work in the long run.
  • Phishing/whaling attacks were the most common type of attack that increased during COVID-19.
  • 25% are concerned that people working from home are increasingly targeted.
  • Because of COVID-19, nearly one-third intend to continue education to improve their security training and 24/7 support.

To respond to risks, measures such as distributing cybersecurity and remote working guides, deploying VPNs, updating cybersecurity training for employees, and ensuring that the most recent patches were applied before employees began working in the home office were mentioned.

The ability to adapt quickly without increasing the risk is crucial.
Liviu Arsene, Global Cybersecurity Researcher at Bitdefender

Liviu Arsene, Global Cybersecurity Researcher at Bitdefender, says: “Cybersecurity is about reputation and business continuity. The ability to adapt quickly without increasing risk is critical for companies and organizations. As COVID-19 changes the work culture, the security strategy must change as well. At least half of the organizations worldwide were not prepared for a scenario like this, and attackers immediately seized their opportunity. The majority of IT security professionals recognized this need for rapid change and took initial action.”

Taking Action And Looking Ahead

The pandemic also opens up an opportunity — namely, to learn how to deal with changes in the world of work and how to prepare for them.

“In the current situation, it is more important than ever to be able to work from home,” says Jens Bothe, security expert and Director Global Consulting at OTRS Group. “Some security measures are necessary here, but they can be implemented relatively quickly and easily by employees and companies alike.”

The measures at a glance:

1. Overview of IT Equipment – Current Software

In the home office, it is more important than ever to have the right equipment. It is not uncommon for companies and their employees to work with software that is no longer state-of-the-art. This increases the risk of violating the current basic data protection regulation and possibly having to pay high penalties.

2. Security When Working in the Cloud

The benefit of cloud-based systems is that all employees can easily access them – no matter where they work. However, it is worth taking a close look at the cloud provider to ensure that all data is processed in accordance with the GDPR. Among other things, companies should make sure that compliance certifications are available. They should also look at how data is encrypted during exchange, what backup procedures are in place and where the data centers are located.

3. Bring Your Own Device

Bringing your own device is still an important issue that should be addressed when working from home. However, data protection should always be guaranteed. Encryption, password protection and virus scanners should, therefore, also be installed on private devices and the WLAN connection should always be protected in your own home. It should be a matter of course that sensitive data is not stored locally. Just as in offices, the computer in the home should always be locked as soon as the user moves away from it. If several users have access to a device, the accounts should be protected with different passwords.

Due to the increasing number of IT security incidents, it is extremely important that companies have a real security strategy in place.

4. Be Prepared For the Worst Case Scenario

Despite all the measures and precautions that companies proactively take to protect themselves from attacks, there is never 100% security.

Due to the increasing number of IT security incidents, it is extremely important that companies have a real security strategy in place. No, this does not mean that they are protected from every attack, but that they can ensure the best possible defense when an attack has occurred.

In order to protect your company, short reaction times must be guaranteed and the right IT security processes must be in place.

The OTRS Group offers an optimal solution here.

STORM is SOAR software that enables companies to react quickly, precisely and transparently to attacks. With this solution for the managing security incidents, you can accelerate the:

  • Orchestration of people and tools,
  • the automation of incident response processes, and the
  • speed of response through notifications, information on the ticket and clear supervision.

It also provides highly secure communication and non-editable documentation that simplify forensic tasks.

Also, when it comes to home office regulations, each employee may have different experiences, so it is definitely worthwhile to create overarching guidelines for working from home.

In the end, it is to be hoped that the Corona crisis, despite all its negative effects, will be positively exploited and can provide impetus for the future. For example, we expect people to better prepare for change and to pay more attention to the topic of IT security.

Text:
Photos: Saksham Choudhary from Pexels

Leave a Reply

Your email address will not be published. Required fields are marked *

Share the Story