As the COVID-19 outbreak has increased cyberrisks, partners from European regional digital innovation ecosystems can focus on common responses to the digital vulnerabilities. Organizations, institutions and citizens are more than ever exposed to cyberrisks because of the unplanned and unprepared shift to home working. It is only through well concerted efforts of digital innovation players that new solutions could be borne and made operational fast. Interregional cooperation between DIGEMs is the fast-track road to implement already tested solutions from one region to another. This is one of the main aims of #Interreg_CARPEDIGEM project.
“As organizations and people have curtailed travel and in-person gatherings, they have shifted a great deal of activity into the digital realm. Workers and students are staying home, using videoconferencing services, collaboration platforms, and other digital tools to do business and schoolwork. In their free time, they are going online to shop, read, chat, play, and stream. All these behaviors put immense stress on cybersecurity controls and operations.
SEVERAL MAJOR VULNERABILITIES STAND OUT:
WORKING FROM HOME has opened multiple vectors for cyberattacks. A broad shift toward work-from-home arrangements has amplified long-standing cybersecurity challenges: unsecured data transmissions by people who aren’t using VPN software, weak enforcement of risk-mitigating behaviors (the “human firewall”), and physical and psychological stressors that compel employees to bypass controls for the sake of getting things done. The more that homebound employees struggle to access data and systems, the more they will attempt to use risky work-arounds (exhibit).
SOCIAL-ENGINEERING PLOYS are on the rise. In social-engineering gambits, attackers attempt to gain information, money, or access to protected systems by tricking legitimate users. Companies have seen more malware-laced email-phishing campaigns that borrow the identities of health, aid, and other benevolent organizations. Scammers posing as corporate help-desk teams ask workers for their security credentials using text phishing (“smishing”) and voice phishing (“vishing”). Email fraudsters have tried to get executives to move money to fund vendors, operations, and virus-related-response activities.
CYBERATTACKERS ARE USING WEBSITES WITH WEAK SECURITY TO DELIVER MALWARE. With the creation of new domains and websites to spread information and resources to combat the coronavirus, attackers are exploiting the weak security controls on many of these sites to spread malware via drive-by downloads. A common approach hides readily available malware (such as AZORult) inside coronavirus heat maps or early-warning applications. In one instance, a threat actor targeted a public-sector entity by embedding malware in a pandemic-related document and disguising it as an official communiqué from another part of the government. Once installed, such a malicious application steals a user’s confidential data (for example, personal information, credit-card information, and bitcoin-wallet keys). Some malware applications launch ransomware attacks, which lock a user’s system until they pay a certain amount of money to the attacker.
PUBLIC-SECTOR ORGANIZATIONS ARE EXPERIENCING ACUTE PRESSURE. A major hospital in Europe was hit with a cyberattack that forced it to suspend scheduled operations, shut down its IT network, and move acute-care patients to another facility. And a department of a local government had its website encrypted by ransomware, preventing officials from posting information for the public and keeping employees from accessing certain files.
As the COVID-19 outbreak progresses and alters the functioning of our socioeconomic systems, cyberattackers will continue their efforts to exploit our fears and our digital vulnerabilities.” (https://www.mckinsey.com/business-functions/risk/our-insights/cybersecuritys-dual-mission-during-the-coronavirus-crisis)