Cybersecurity concerns such as ransomware have always been a glaring threat; however, it matters now more than ever during the COVID-19 pandemic, becoming an increasingly pressing concern. The pandemic has reshaped lives as more persons have moved online for work, study, and play. This online shift exposed security vulnerabilities. These weaknesses have been used by cybercriminals using sophisticated means and advanced technology to lure and exploit organizations, employees, and consumers. In fact, a 2020 Vulnerability and Threat Trends Report indicates ransomware thrived during the pandemic, with new samples increasing by a whopping 72 percent.
What exactly is ransomware?
Ransomware is a type of software referred to as malware that blocks access to a user’s network or data. Usually, the data is locked using encryption. The inflicted party can regain access only after making a payment in cryptocurrency or using a credit card.
The attacks are typically carried out through social engineering, tricking victims into clicking on attachments or malicious links. Another form of attack is mal advertising (malicious ads placed on websites). When the ad is clicked on, malware is distributed.
New types of ransomware attacks during COVID-19
Reliance on the digital world has grown significantly as a coping mechanism from COVID-19 social distancing measures. For some, it’s combing the internet for health information and coronavirus updates. Others have turned to online applications for financial assistance because of the economic downturn. And others yet have been forced to work virtually from home.
These new developments created an opportunity for new ransomware lures designed to pose as legitimate resources. Some new types of malware are masked as:
Credible websites with information on safety protocols, vaccine update, or current data on COVID-19
Contact tracing apps
Financial assistance from the government to ease the financial burden arising from the economic shutdown
Conferencing platforms for organizations and their employees to communicate
Healthcare providers are also being targeted for ransomware attacks. Already under pressure from pandemic exigencies, hospitals, clinics, and laboratories in the U.S. and Europe are seeing a surge of malware attacks. They are being threatened at their most vulnerable and desperate stage. The ramification of locking access to a patient’s record during a pandemic can have devastating consequences, so criminals prey on this vulnerability to extract a ransom.
Ways organizations and consumers can increase protection from malware attacks
Image from Pixabay.com
Despite the threat posed by cybercriminals, they do not have the final say. There are security protocols organizations and consumers can follow to reduce their exposure to malware attacks. How can they build up a defense? Here are a few tips:
Use an up-to-date and reputable VPN – A VPN is especially important during the pandemic because it secures WiFi networks employees use while working remotely. As remote Employees working from home do not have their company’s standard network security, this makes VPN use a necessity. However, research has also shown that using free VPNs or even not updating your premium VPN regularly leaves you open to ransomware attacks on known vulnerabilities. Hence, you need to choose VPN providers carefully and update your software.
Maintain a backup and recovery plan –Every organization needs to have a backup and recovery plan to reduce the impact of encrypted data by hackers. This can be done by ensuring an extra copy of the company’s data is stored on a separate device not connected to the internet that hackers cannot infiltrate.
Educate employees – as the first line of defense, employees must be adequately trained to identify online threats. Remote work has heightened the need for proper education about warning signs and safe practices to avoid malware attacks on computers and mobile phones, especially when accessing a company’s sensitive data. Employees should know they must be extra vigilant when clicking on attachments or links from emails.
Use content scanning software – One way to protect against ransomware attacks is by using content scanning software to detect any suspicious attachment or link in emails or malicious websites. If a threat is detected, those attachments or websites are blocked.
Do not provide personal information – Phony contact tracing apps or financial assistance scams may ask for personal information. Be cautious and do not share your information without verifying it’s coming from a legitimate source.