BOOK AN APPOINTMENT WITH AN IT SPECIALIST TODAY

Cybercrime & Coronavirus: What You Need to Do to Protect Business, Employees, and Profits

Cybercrime Spikes During Coronavirus: Tips to Protect Your Business

Learn why cybercrime tends to spike during times of global crisis. Get tips on how to protect your tech environment from cyber criminals during the coronavirus.  

Right now, people are hanging onto every news story about the coronavirus. They’re checking social media more than usual. They’re setting up home offices, learning how to use new collaboration tools with their colleagues, or trying to figure out what to do in the absence of income.

They’re also dealing with their kids being at home all day and wading into homeschool. On top of all this, they’re worried about the spread of the virus and its effect on the economy. While everyone is stressed, busy, and distracted, cybercriminals are focused and ready to go.

Coronavirus Cybersecurity

Cybercrime Spikes During Coronavirus

Cyberattacks almost always spike during times of global crisis, and right now, the Federal Bureau of Investigation reports that the coronavirus is no exception. Scammers are hacking into databases, sending out phishing emails, and leveraging the pandemic to convince victims to make donations to fake organizations or buy counterfeit personal protection equipment.

Analysts speculate that cybercriminals will cause $6 trillion in damages in 2021, and in 2020, damages are mounting as criminals take advantage of this situation. Research indicates that phishing emails have increased by 667% since February — that’s a seven fold increase in just a few weeks.

How to Protect Yourself From Cybercrime During the Coronavirus

Being aware of the risk of cybercrime is the first step. While many people think they are immune, no one is free of this risk — in fact, cybercriminals spend a lot of time targeting small businesses and organizations. To protect your business, practice these security essentials.

1. Be hyper-vigilant of incoming emails

As indicated above, phishing emails are on the rise. Cybercriminals are relying on people to have their guard down, and you and your employees need to be vigilant.

A lot of these emails contain dangerous attachments, while others include links to malicious websites. Never open an attachment or click a link from an unknown sender. If the sender looks familiar, take a few extra minutes to verify their identity. Scam artists often make their emails look like they’re coming from someone you know or from an organization like the Centers for Disease Control (CDC).

2. Secure all work-from-home computers

Another reason cybercrime is exploding right now is due to the unprecedented number of people who are working from home. If your employees are working from home, you need to take extra steps to secure your network.

Ideally, you should have your employees work on computers issued by your business. Home computers tend to be full of potentially dangerous videos, photos, or downloads.

Make sure all the computers your employees are using have a firewall that is turned on and configured correctly. Firewall misconfigurations can create extensive vulnerabilities in your network.

Finally, have your employees access everything through a virtual private network (VPN). A VPN encrypts all the data transmitted from their computers, creating an additional layer of security. Ideally, you should use a dual-factor VPN that requires your employees to enter their password plus an additional piece of verification such as a code texted to their phone.

3. Beef up your password strategy

Weak passwords threaten the security of your tech environment. Make sure your employees understand the importance of never using easy-to-guess passwords such as 12345, Password, their own names, or details visible on their social media pages.

Additionally, they shouldn’t let their browsers store passwords. Instead, you may want to look into a password manager such as LastPass or 1Password. These applications store passwords, but they can’t be accessed as easily as most browsers.

Cybercrime can cost you money, reduce your productivity, harm your reputation, and cause other types of damage to yourself, your employees, and your business. To reduce your vulnerability, contact a cybersecurity professional. They can help you identify the processes, products, and practices you need to stay as safe as possible, especially during a global crisis.

More Like This

AA20-266A: LokiBot Malware

Original release date: September 22, 2020 Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise frameworks for all referenced threat actor techniques. This product was written by the Cybersecurity and Infrastructure Security Agency (CISA) with contributions by the Multi-State Information Sharing & Analysis Center (MS-ISAC). …

AA20-266A: LokiBot Malware Read More »

Read More

AA20-259A: Iran-Based Threat Actor Exploits VPN Vulnerabilities

Original release date: September 15, 2020 Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. This product was written by the Cybersecurity and Infrastructure Security Agency (CISA) with contributions from the Federal Bureau of Investigation (FBI). CISA and …

AA20-259A: Iran-Based Threat Actor Exploits VPN Vulnerabilities Read More »

Read More

AA20-258A: Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity

Original release date: September 14, 2020 Summary The Cybersecurity and Infrastructure Security Agency (CISA) has consistently observed Chinese Ministry of State Security (MSS)-affiliated cyber threat actors using publicly available information sources and common, well-known tactics, techniques, and procedures (TTPs) to target U.S. Government agencies. CISA has observed these—and other threat actors with varying degrees of …

AA20-258A: Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity Read More »

Read More

AA20-245A: Technical Approaches to Uncovering and Remediating Malicious Activity

Original release date: September 1, 2020 Summary This joint advisory is the result of a collaborative research effort by the cybersecurity authorities of five nations: Australia,[1] Canada,[2] New Zealand,[3][4] the United Kingdom,[5] and the United States.[6] It highlights technical approaches to uncovering malicious activity and includes mitigation steps according to best practices. The purpose of …

AA20-245A: Technical Approaches to Uncovering and Remediating Malicious Activity Read More »

Read More

AA20-239A: FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks

Original release date: August 26, 2020 Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. This joint advisory is the result of analytic efforts among the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury (Treasury), …

AA20-239A: FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks Read More »

Read More

AA20-227A: Phishing Emails Used to Deploy KONNI Malware

Original release date: August 14, 2020 Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. The Cybersecurity and Infrastructure Security Agency (CISA) has observed cyber actors using emails containing a Microsoft Word document with a malicious Visual Basic …

AA20-227A: Phishing Emails Used to Deploy KONNI Malware Read More »

Read More