Coronavirus (COVID-19): increased risk of cyber attack

Start / Content Hub / Sogeti Ireland Blog / Coronavirus (COVID-19): increased risk of cyber attack

Cyber attackers are using the COVID19 crisis to attack healthcare providers’ systems.

In 2019, according to Microsoft[1], 44% of employees of Ireland companies have experienced problems with hacking, phishing and cyber fraud. In a recent PWC[2] report, almost 80% of Irish companies are struggling to keep up with the complexity of evolving cyber threats. At the same time when the healthcare professionals and industry have been working to look after us and researching a vaccine to exterminate the virus COVID19, Cyber attackers are working 24/7 to exploit companies and government around the World.

In the COVID-19 crisis, cyber attacks related with COVID-19 spiked to nearly a million a day during the first week of March[3] targeting the healthcare sector. The new normal of “working from home”, introduces new challenges and complexities to already streatched security teams struggling to ensure a fully protected environment. According to Mandiant[4], alerts are only generated on 7% of infiltrations and ransomware, at the same time the current controls did not prevent or detect detonation within their environment 68% of the time.

A nightmare, especially for Healthcare organizations considered to be a primary target into ransomware campaigns after the COVID-19 crisis. According to Security agencies of USA[5], Cybercriminals are using the pandemic for commercial gain, deploying a variety of ransomware and other malware. Cybercriminals groups are likely to continue to exploit the COVID-19 pandemic over the coming weeks and months.

They had observed following the threats:

Phishing, using the subject of coronavirus or COVID-19 as a lure,
Malware distribution, using coronavirus- or COVID-19- themed lures,
Registration of new domain names containing wording related to coronavirus or COVID-19,
Attacks against newly—and often rapidly—deployed remote access and teleworking infrastructure.

How Ransomware works:

Ransomware is a type of thread used by cybercriminals who encrypt files and then extort money in return for unlocking those files. Without adequate disaster recovery and backup plans, many businesses are forced to pay the ransom.

Ransomware is typically spread through fake emails (Phishing) that have been designed by the hacker to appear legitimate. These emails may contain a link to an infected website or include an attachment such as a Word document that contains malicious code. Once a link is clicked or a document is opened, it downloads and infects the machine quickly; estimates vary from seconds to 20 minutes. During this time, the malware searches the hard drive, network files, external drives, and cloud drives for all files that can be encrypted. After encryption, a “key” is required to unlock the files; this key is saved by the hacker, and this key in not released until the victim pays a requested amount or “ransom”.

How Sogeti could help your company:

Sogeti could help you and your company reducing the risk and deploying a defence program to find, block, monitor and alert Ransomware attacks. Sogeti Ireland, part of Capgemini, is a worldwide leader in providing cybersecurity services. We have an extensive UNIFIED ENTERPRISE DEFENSE program to cover all cyber risk areas to help Small and midsize business (SMB) or large companies to increase the level of cyber security and reducing the risks. Click here to get in touch with our Cyber Specialists.

-----------------------------

[1] Microsoft - Securing the Future 2020 THE STATE OF CYBERSECURITY IN IRELAND - https://info.microsoft.com/WE-SCRTY-CNTNT-FY20-01Jan-30-SecuringtheFuture2020-SRGCM3223_01Registration-ForminBody.html
[2] PWC - PwC Ireland’s 23rd CEO Survey Sustaining success in unpredictable times - https://www.pwc.ie/publications/2020/sustaining-success-unpredictable-times-ceo-survey-ireland.pdf
[3] Microsoft & Forbs - https://www.forbes.com/sites/leemathews/2020/06/17/microsoft-covid-19-cyber-attacks-peaked-in-march-and-fell-off-quickly/#271946a2c9aa
[4] Mandiant - SPECIAL REPORT SECURITY EFFECTIVENESS REPORT 2020 - https://content.fireeye.com/security-effectiveness/rpt-security-effectiveness-2020-deep-dive-into-cyber-reality
[5] USA CISA - COVID-19 Exploited by Malicious Cyber Actors - https://www.us-cert.gov/ncas/alerts/aa20-099a

Contact

Cookies	Description
Registered visitor cookie	Cookie given to each registered user.
Registered visitor functionality cookie	Cookies used to remember the unique identifier given to each registered user.
Social plug-in content sharing cookie	Cookies set by services such as Facebook Connect or Twitter Button, which allow social networks users to share the content of our websites on social networks.
Unregistered visitor cookie	Cookies used to give to unregistered users a unique identifier in order to recognize them and to analyze how they use the website.
Analytic cookie	Cookies used to store URLs of the previous page visited, enabling to track users navigating from inside or from outside the website. If you click on a Sogeti advertisement on a non-Sogeti website, a cookie may be used to log which website you are on, in order to ensure our advertisements are served effectively and to measure whether our advertisements are viewed. Google Analytics: cookies set by Google analytics are used for web analytical purpose, but are not used to track individual users. For further information on how Google Analytics collects and uses information on our behalf and the right to use such cookies, please refer to the Google Analytics products and services privacy statement. If you object to your Personal Data being collected by Google Analytics, you may download and install the Google Analytics Opt-out Browser Add-on. Pardot: cookies set by Pardot are used to track users on our website. Visits are tracked for known users only. Unknown users are recorded as anonymous users. Please refer to Pardot privacy policy for any further information on their use and your rights related to the use of such cookies.