Covid-19: A Cybercrime Perfect Storm … Data Exploitation Dream

by Sam Field

Sam Field - Our Enterprise Solutions Product Manager discusses how the global pandemic and restrictions on movement have led to an increased dependency on digital services for both businesses and consumers, and to a large extent, pretty much everyone has had to adapt to new ways of working.

Enforced lockdown has seen a massive rise in the use of collaboration services, and workforce transformations have taken place before our very eyes. Digital communications in whatever format have massively increased the amount of business data in circulation.

Cybercriminals quickly identified dispersed working as a major opportunity, and have responded with pandemic themed scams and attacks to steal information and data.

Whilst cyberattacks on individuals are very upsetting, they are generally easier to spot and deal with. A ‘take no action’ approach to any form of contact outside the norm is the key learning point on a personal level, and nobody can claim to be so smart they are not vulnerable.

The workplace however is a much more complex environment with hierarchical relationships, managerial directives and business systems that aren’t always the simplest to operate.

There’s a greater scope for cybercrime in organisations with operational complexity, and the value of data and information that can be stolen or extorted tends to be higher.

Furthermore, it isn’t just criminals who are interested in business data. There are many business information platforms and other data centric organisations who are benefitting from the wealth of information flowing around the digital economy. And for many island organisations, protecting intellectual property (IP) from cybercriminals and other interested parties is vital.    

The arms race between data protection, criminals and legal data hunters is here for the long-haul as organisations strive to protect their businesses, customers, revenues and reputation.

The focus still remains on cybercrime though, and the five overriding threats that are targeting hybrid working environments are:

Email Phishing
Defined as the fraudulent attempt to obtain sensitive information or data, such as usernames, passwords and credit card details, by disguising oneself as a trustworthy entity. Covid phishing activity often impersonates government and health authorities to deceive users into sharing confidential information such as payment and account credentials.

When hackers break into corporate networks, they often take their time monitoring emails and activity, to maximise the impact of their attack. Criminals then mimic existing accounts and send emails instructing people to take action … do this, click here, update that, … all in an attempt to obtain the information and the access to funds they are looking for. 

SMS Phishing
Also known as ‘Smishing’, is text messaging fraud that tries to lure victims into taking action. Clicking on links in texts can activate the downloading of malware that will reveal and extract sensitive account information. The increased use of smartphones for so much business activity exposes organisations to an extended perimeter, through a non-PC based zone of extended vulnerability.

Fraudulent Domains
Or domain spoofing, is also associated with phishing. Attackers use a ‘bogus domains’ to impersonate a company or its employees. This can be done by sending emails with false domain names which appear legitimate, or by setting up websites with slightly altered characters that look authentic, and asking you to take action that will compromise your security.

Counterfeit Apps
A counterfeit app is an app that claims to do something, but is actually fake, ineffective, or harmful to a user's device and information. They have been found on legitimate app stores including Apple and Google Play, where they have not yet been detected or reported. They aim to defraud users by offering fake functionality, and stealing data.

Malware
Malware is software that has been intentionally designed to cause damage or harm to a computer, server, client, or computer network - often for the purposes of extorting money. A wide variety of malware exist, including viruses, worms, trojan horses, ransomware, spyware, adware, rogue software, wiper and scareware. Malware exists for a number of reasons: such as causing malicious damage, and stealing financial details and sensitive information. Ransomware is a form of malware where attacks are designed to block access or take down sites until a sum of money is paid. 

Clear and Present Danger
The average cost of a business cyberattack is estimated to be £3million, and around half of the cyberattacks involve email phishing, a figure that’s 20% higher than the global average.

 

We partner with Mimecast, a ‘Gartner Magic Quadrant’ global cyber security leader, to provide a unique range of on and off-shore services. Cloud based, layered security provides advanced safeguarding and business continuity, protecting email and messaging services, along with access to your securely archived information.  

Related articles

Dom Article v2

Welcome Dominic Barnes: New Sales Account Director in Jersey

We spoke to new Sales Account Director in Jersey and heard about his plans at Sure Business

Calum QA article v2

A Career in Tech: Callum Gill on his route to Sure Business

Hear from Callum about his career so far, and why keeping up with the latest technology is vital to his dynamic role.

4

Decoding the Future: Unravel the legal and ethical tapestry of AI

We spoke to one of our professional services consultants, Malcolm Mason and asked for his insight and guidance on the transformative power of AI.

For more information

Download our 'Creating your Digital Workplace’ and 'Unified Communications' brochures or click here to find more information about Sure's portfolio of flexible working solutions.

Contact us to find out how we can help you
and your business today

Contact us

Further Insights

remote working

The Building Blocks of Flexible Working

As organisations continue to evolve and refine their working practices, the technology building blocks for a secure, productive and sustainable hybrid working environment need to be put in place.

network consultancy team 2

Covid and the Rise and Rise of Flexible Working

If every cloud really has a silver lining, two positive outcomes from Covid will be Flexible Working and the accelerated adoption of Unified Communications and Collaboration (UCC).

Nick

Remote working & collaboration pivotal to businesses ‘Building Back Better’

If your business wasn't equipped for remote or flexible working before, the likelihood is that it certainly is now. Whether by necessity or strategic planning, many businesses have found themselves adapting quickly to the new working world forced on us by the coronavirus pandemic.