How COVID-19 has made us more vulnerable to cybercrime
Crisis fuels crime. That’s an adage that certainly applies to our current global health crisis.
Earlier this year, when we were setting up remote operations to help stop the spread of COVID-19, we were inadvertently putting ourselves at greater risk of cybercrime. That’s because doing business remotely, outside the secure walls of our normal business operations, makes our systems more susceptible to errors or what is known in the world of cybersecurity as vulnerabilities. Cybercriminals, being opportunists by nature, are exploiting our vulnerabilities to defraud, hack, and scam us out of our money and private data.
Some security companies are detecting cybersecurity threats at 600 to 800 times greater than pre-pandemic levels.
The most valuable information on the Internet are health records as they contain the most complete sets of sought-after data, including our social insurance numbers, which cybercriminals can use to hold hostage for ransom money or for identity theft.
In fact, the average value of a personal health information record is worth 10 times that of any other record on the black market.
Little wonder that healthcare and related organizations are number one when it comes to insurance claims, accounting for 38% of all claims, and twice that of the number two spot. The total value of the cyber market is currently $1.5 trillion and growing. Put another way:
If cybercrime was a country, it would have the 13th largest GDP on the planet!
One of the top five risks we face in our current cyber environment, as identified by Medavie’s Director of Security, Chad White, is phishing. Since the emergence of COVID-19, we’ve seen an increase in phishing emails that mask their criminal intent by providing pandemic updates and health advice.
In total, 6.4 billion phishing emails are being sent daily.
Similarly, there have been a number of cases of bad actors creating websites that on the surface appear to be providing information about COVID such as metrics, advice, or personal protection equipment. Many of these sites look very legitimate and, may in fact, provide real information. However, upon closer inspection, these fake websites either lead the user to a scam or are vehicles by which to spread malware.
As mentioned earlier, one of the outcomes of COVID-19 was to send employees home to work remotely, resulting in hundreds of thousands of home networks being connected to corporate networks. Most employees are not well versed in advanced threat protection or configuring firewalls and system settings to harden their home networks.
In addition, many employees share their networks with others, particularly family members, but not everyone is security conscious.
This, of course, can lead to inadvertent exposures and risks of cybercrime.
The race to find a vaccine for COVID-19 has also created opportunities for hackers, with a number of research facilities being the target of sustained attacks.
Everyone wants the vaccine, and everyone wants to be the first at the table.
Organized crime is also on the lookout for lax controls to infect organizations with ransomware or to steal lucrative personal health information.
So, how can you protect the financial health and security or your organization against cybercrime?
As our resident expert on the Internet of things, Chad White has a number of best cyber hygiene practices you can follow and pass on to your employees by sharing the link to this second blog. It’s a practical how-to guide to make sure your organization is cyber-secure during the pandemic and beyond.