Home » MBJ FEATURE » Hackers and phishers haven’t taken a COVID-19 break and continue to be a major threat

Hackers and phishers haven’t taken a COVID-19 break and continue to be a major threat

JAY WHITE

By BECKY GILLETTE

The past couple months have seen a huge shift towards people working remotely in order to stem the spread of coronavirus disease 2019 (COVID-19). Despite widespread business disruption, hackers, spammers and phishers have not let up on efforts to wreak havoc on businesses.

“A hacker’s job is to hack,” said Marti Jordan, Ph.D., FNP-BC, a visiting assistant professor at the University of Southern Mississippi School of Leadership and Advanced Nursing Practice in Hattiesburg. “They don’t take vacations. They work on computers so they are mobile and can work anywhere. Some work independent. Some work for others. They hack into organizations and steal information and get paid for doing that.”

Jordan said reports from security agencies and an ABC news report 2012 listed the most amount of malicious activity coming out of China with the U.S. second, Turkey third, and Russia fourth. Security agencies in 2019 reported the same along with Romania in the top 10.

Lack of cyberhygiene practices and human error is responsible for allowing compromises to network security in about 80 percent of the cases, said Jordan, who published an article about cybersecurity awareness in the February 2020 issue of American Nurse.

“This is often done by replying to phishing emails, clicking on links and opening attachments,” she said. “Something as simple as web browsing at work or on-line shopping can also allow hackers in.”

Some hackers now are sending emails to people that use threats and foul language alleging that they have caught you viewing pornography on the computer and saying they will publicly disclose that information unless you send them money. The emails sometimes include information about a password used.

While it is good idea not to reuse the same password, and change them frequently, Jordan said don’t fall for these kinds of threats. And know that it isn’t that difficult for someone to figure out passwords.

“There is a program you can access and ask it to pull peoples emails and passwords from previous emails,” Jordan said. “For example, a person I do research with and I put in @wesley.com and let the program run and an hour later had 300 people’s emails and passwords. Human nature leads us to reuse passwords or use the same password for more than one account. So that’s how they have the information to try to threaten you.

“And, yes, people fall for the threats because the emails look valid and like they are coming from a valid source. I can create an email that looks valid from anywhere. They will keep sending the email because they think eventually you will answer it.”

With remote meetings dramatically increasing during the coronavirus emergency, some people may be new to the security involved with teleconferences. Jordan said the most common problems that caused Zoom meetings to be hacked were that the privacy settings for meetings were set to “public” instead of “private”. The details of the meeting were to be shared publicly (on a social media site such as Facebook or a tweet), and a password to enter the meeting was not being used.

“Again, this was because of a lack of cyberhygiene and human error,” Jordan said.

Some people use a password manager for all their accounts, which can make it harder for a hacker to guess passwords. The National Institute for Standards and Technology (NIST) has not explicitly recommended the use of a PM.

Jordan said NIST does have recommendations for creation of passwords if you do choose to use a password manager: use a long passcode for the master password to the PM and protect it from being stolen; create different, complex passwords for all different accounts you have; do not use PMs that allow you to recover your password; use MFA (multi-factor authentication) for PM applications; and use password generator options to create complex, random answers to security questions you are asked for online.

For many organizations, cybersecurity continues to be a challenge even when their employees are in their normal work setting, said Jay White, director, Security Services Division, Mississippi Department of Information Technology Services.

“The additional complexity introduced by transitioning the workforce to a telework environment does present additional cybersecurity concerns that must be addressed,” White said. “Organizations that have previously supported a telework option for a subset of their employees should have been better prepared to address the cybersecurity issues for expanding their telework footprint than those organizations that did not have previous experience.”

White said there are additional cybersecurity actions that must be performed by both the organization and the employee for telework scenarios. Organizations must ensure that they take the appropriate steps for reducing the risk associated with providing employees the capability to work remotely. These actions include updating policies and procedures, implementing cybersecurity tools for protecting data and IT resources, providing cybersecurity awareness training specifically focusing on teleworking to employees, etc. 

“Additionally, employees have the responsibility for maintaining a safe remote work environment to ensure that the organization’s assets are protected,” he said.

White said some organizations may feel the need to offer teleworking options to employees without weighing the risk associated with that decision. They may also choose the path of least resistance rather than investing in the time and resources needed to establish a robust strategy. But his advice is that an investment in securing a teleworking environment early on could save the organization a lot of time and money in the future.

“Organizations should also remember that security awareness training that provides users the information they need to increase the security posture of their telework environment is pivotal to the security health of the organization,” White said. “They must also communicate the importance of the role that each employee has regarding the security of the organization. Employees must remember that they have an obligation for protecting data and IT resources regardless of their work location. Employees should never be afraid to ask questions if they have concerns about the security of their home office.”

In the past 15 years the tactics, techniques, and procedures leveraged by cyber attackers have evolved many times. White said an increase in both the sophistication and proliferation of attacks has overwhelmed many security teams. 

“However, it is not uncommon for cyber attackers to continue to rely on older, less sophisticated attacks,” White said. “Cyber attackers will opt for the easiest method available for successfully infiltrating the organization. This means that organizations must not only focus on the latest attacks, but they also need to make sure that older vulnerabilities are remediated as well.”

As reported in the IBM X-Force Threat Intelligence Index 2020, two vulnerabilities with patches issued in 2017 were the most frequently used of the top eight vulnerabilities observed in 2019.  Per the report, these vulnerabilities were used in nearly 90 percent of malspam messages despite being well-publicized and dated.

Cybercriminals are notorious for taking advantage of public health threats and other high-profile events (Olympics, natural disasters, royal weddings, etc.) in order to conduct malicious activities. 

“Cybercriminals realize just how difficult it is for us to resist the desire to gain access to the most current information available,” White said. “Because it is available at our fingertips, we often neglect to ensure that the information is from a reliable source.  Malicious scams related to COVID-19 have been sent via email, social media, text and phone messages, and websites.  To avoid falling victim to these scams, users must remain vigilant and follow best practices. 

SIDEBAR:

Below are a few recommendations users can follow:

• Avoid clicking on links and attachments in unsolicited or unusual emails, text messages, and social media posts.

• Only utilize trusted sources, such as government websites, for accurate and fact-based information pertaining to the pandemic situation.

• Federal Emergency Management Agency (FEMA) recommends only visiting trusted sources for information such as coronavirus.gov, or your state and local government’s official websites (and associated social media accounts) for instructions and information specific to your community.

• NEVER give out your personal information, including banking information, Social Security Number, or other personally identifiable information over the phone or email.

• Always verify a charity’s authenticity before making donations. For assistance with verification, utilize the Federal Trade Commission’s (FTC) page on Charity Scams.

BEFORE YOU GO…

… we’d like to ask for your support. More people are reading the Mississippi Business Journal than ever before, but advertising revenues for all conventional media are falling fast. Unlike many, we do not use a pay wall, because we want to continue providing Mississippi’s most comprehensive business news each and every day. But that takes time, money and hard work. We do it because it is important to us … and equally important to you, if you value the flow of trustworthy news and information which have always kept America strong and free for more than 200 years.

If those who read our content will help fund it, we can continue to bring you the very best in news and information. Please consider joining us as a valued member, or if you prefer, make a one-time contribution.

Click for more info

About Becky Gillette