Business unusual: Cyber threats amid the pandemic

I FIRST heard about Zoom at a Logitech Rally event I attended last year. Back then, I never thought much about it, as I only used Facebook Messenger for video calls.

Who would have thought that just a few months after that event, everyone would be “Zooming” because of the pandemic. Even Zoom Chief Executive Eric Yuan admitted that the app was built primarily for enterprise customers and they did not design the product with the foresight that every person in the world would suddenly be working, studying and socializing from home.

People are “Zooming” everything and not only meetings but also reunions, weddings, parties, fitness workouts, worship services, and even concerts.  Hands down, Zoom meetings has got to be the biggest trend of 2020.  True enough, when it comes to its growth rate, the video conference company has more than lived up to its name.

BC (Before Covid-19),  Zoom had about 10 million daily users but by April, those numbers reached 300 million users and those numbers will likely increase now that everyone is working or studying from home.

But when you’re dealing with millions of users, there will always be people who are going to crash someone’s party. They are called Zoom Bombers, people who hijack Zoom meetings (sometimes for fun and harmless pranks, playing funny noises or some country’s national anthem), but there are also those who can really disrupt and even cancel meetings by sharing disturbing photos or videos.

Zoom is one of those rare businesses that has thrived during this pandemic, while the rest have had to take on a survival mentality to keep their businesses alive.

For many years, business owners and leaders already knew digital transformation was essential but Covid-19 has made that transition an urgent necessity. Lockdowns have meant that businesses have to run remotely, and people have to do their work from home.

The sudden transition has also left many businesses vulnerable to cyberattacks, and Zoom bombings are just among the threats businesses have to deal with. With predominantly remote workforces operating on unsecured home networks, corporate security teams are struggling to gain control of rapidly expanding attack surfaces.

According to a report from security company IntSights, the most prevalent Covid-19 cyber threats include phishing web sites and e-mails, fake coronavirus mobile apps, malware, ransomware, fraud and disinformation.

IntSights, the threat intelligence company focused on enabling enterprises to “Defend Forward,” announced its commitment to advance its business strategy and growth in Asia-Pacific. Fueled by the burgeoning demand for cyber threat intelligence, IntSights plans to further expand its partner network, operations and support capabilities to extend the company’s External Threat Protection (ETP) Suite to enterprises across the region.

Remote workers are easy targets right now. Within the last few months, thousands of office employees have been forced to work from home. With little preparation and very little cybersecurity awareness, companies are scrambling to provide employees with devices, remote tools, and video conferencing applications.

Many organizations are simply resorting to allowing employees to use their home computers and cell phones to conduct work unencrypted and unsecured. This situation has expanded the threat surface exponentially, and “threat actors” are looking to target the most popular platforms: e-mail, messaging, video, VPNs and home networks. A Cyber Threat Actor (CTA)—compared to a hacker or attacker—does not necessarily have any technical skill sets. They are a person or organization with malicious intent and a mission to compromise an organization’s security or data. This could be anything from physical destruction to simply copying sensitive information.

With the current work-from-home setups, it is essential to make sure they operate in a secure environment. Threat actors are looking to take advantage of the remote workforce, knowing some people will make mistakes, such as not using provided security tools; performing physical and logical bridging of networks; using home computers for work; using corporate credentials for private business; and using vulnerable software.

IntSights has been monitoring the registration of domains that include the words “corona” and “covid”. While some of these domains were registered for legitimate uses, others now host phishing attacks. In 2019, only 190 domains using the words “coron” and “covid” were registered.

In January 2020 alone, that number was over 1,400, and during February it soared to over 5,000 before topping at 38,000 in March.

In its report “The Cyber Threat Impact of Covid-19 to Global Business,” the firm said threat actors all over the world are exploiting people’s fears around the virus in order to make money. One ransomware letter tells the victim that not only did they encrypt all of their data, but they can also “infect your whole family with the coronavirus.” These types of fear tactics work on a vulnerable population of people during a frightening pandemic.

This is similar to psychological tactics used in sextortion scams, in which hackers tell the victim they have has access to the victim’s camera or photos with evidence of wrongdoing, and threatening to expose the victim’s “sins” to family and friends if the ransom is not paid.

There has also been a surge in Covid-19-related products, scam templates, and hoaxes on deep and dark web markets. The sellers seek to exploit public fear by offering products that could allegedly serve as virus tests or vaccines. In all likelihood, however, these “products” are in no way real, and buyers would be scammed out of their money.

The report noted one particularly desperate offering, claiming to offer blood and saliva from a coronavirus survivor. In theory, this blood and saliva could be immune to the virus, having developed the antibodies to fight it off.

People around the world are desperate to find out how many coronavirus cases there are, and how severe the threat is in their regions. Cybercriminals wasted no time exploiting this fear, creating a plethora of fake mobile apps claiming to provide such data. IntSights monitors multiple online app stores for fake apps, and while some of the fake apps that have been created are benign, others have malicious capabilities.

While phishing and malware attacks have been around for a long time, what has significantly changed due to the Covid-19 pandemic is how employees communicate and access data. There is a significant increase in the usage of online meeting platforms, and the cybercriminals are paying attention. A quick look at IntSights’ Vulnerability Risk Analyzer (VRA) shows that cybercriminals are discussing different online platform vulnerabilities and exploits.

Information about Covid-19 is pouring into the Internet from every country and from various outlets, including governments, press, social media, healthcare professionals, and cybercriminals. As with any crisis, war, or other opportunity, threat actors are using the virus to create panic, confusion and distrust. Criminals have found ways to exploit human ignorance about coronavirus detection, testing and treatment by selling various products and services that claim to help or heal people. Social media is teeming with hoaxes, myths and conspiracy theories about where the virus originated, who is to blame for its global spread, how it spreads in the population, and how it can be detected.

Based out of its Asia-Pacific headquarters in Singapore with a presence in Hong Kong and Japan, IntSights’ regional business is anchored by a growing team of experts from sales and pre-sales to systems engineering, channels and customer success. The company scales customer acquisition through its extensive network of channel partners including global system integrators, managed security service providers, distributors and resellers.

“As enterprises in Asia-Pacific expand their digital footprint to engage with their audience, they are increasingly aware of the need to stem vulnerabilities from cyber threats originating from the external environment,” said Michael Tan, regional sales director of Asia, IntSights.

“With our further expansion, we strive to maximize collaboration with partners and equip more organizations with actionable threat intelligence that will empower them to proactively identify, guard against and take down threats.”

IntSights’ global customers span multiple sectors including the government, e-commerce, healthcare and finance. In Asia-Pacific, the company counts a leading global insurer, top e-commerce companies, and some of the largest telecommunications providers and banks in Southeast Asia among its new logos.

Next week we’ll share some tips on how you can protect your online identity.


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Previous Article

Apple preparing 75 million 5G iPhones alongside new watches and iPad

Next Article

B2B company receives S$16.6 million investment

Related Posts

Read more

Filipinos urged to continue supporting local businesses

AS the new year unfolds, Globe encourages Filipinos to continue supporting local businesses, just as it wrapped up a holiday celebration of giving back. Through the Globe of Good umbrella program, Globe (www.globe.com.ph) brings together an ecosystem of impact where stakeholders can connect and work together to help communities in need move forward from the adverse effects of the pandemic. Under this initiative, the company revived its annual December tradition of holding The Purpose Tree campaign and the Gift Local bazaar with a face-to-face engagement for the first time after two years of virtual activities.