30% increase in cyber attacks during COVID-19 crisis, reveal studies
- 25 Jun 2020
Sohaila Ahmed, Staff Reporter
Typically, cybercriminals have always found a way to prey on people, and the COVID-19 crisis exponentially increase the surface area for the attackers to exploit people.
Some studies show that there has been a 30% increase in cyber attacks; some of the most common attacks we are seeing are emails masquerading as government announcements or fake COVID-19 websites. People's mind was clouded with uncertainty and attackers preyed on it.
Anand Choudha, CEO at Spectrami, a company dedicated to cyber security solutions, said that there are attacks like sophisticated phishing attack because most people were working from home so they were not in physical touch and so attackers would craft specific mails which would look like they're coming from internal organization and then they would ask to transfer money.
However, there has been such a huge element of uncertainty among people in general that it was successfully exploited by attackers. There were reports of nation state actors who are targeting specifically pharma companies and top research companies because everybody is in the race to develop the COVID-19 vaccine; so it was no surprise that the most target in industry was the pharma research industry.
The most common technique cybercriminal used are phishing attacks or social engineering scams. They are being used to spread a fear, uncertainty and doubt, as well as exploiting people's gullibility to send them clicking links or fake emails, fake news or false charities; hackers usually focus on primarily social engineering and emails.
“In order for organisations to avoid cyber attacks, they must raise awareness about social engineering and human phishing, by for example carrying out phishing simulations in which readiness of employees in case of phishing attack is tested,” Anand Choudha said.
In addition, it is also important for individuals not to donate to online charities that are partially anonymous or unknown-sourced to avoid cyber attacks.
