Increased Cybersecurity Threats During the COVID-19 Pandemic

COVID-19’s Impact on Cybersecurity 

The COVID-19 pandemic has forced organizations and individuals to embrace new practices such as social distancing and working remotely. While the world is focused on the health and economic threats posed by COVID-19, cyber criminals around the world are trying to capitalize on this crisis. 

Industry cybersecurity experts have observed a massive spike in phishing and ransomware attacks. Attackers are using COVID-19 as bait to impersonate brands, thereby misleading employees and customers into providing personal information to the wrong people. They can do this by sending out phishing emails or using web browser redirects to malicious websites aimed at getting your information. 

October is National Cybersecurity Awareness Month, and the National Cyber Security Alliance (NCSA) is working with Cybersecurity & Infrastructure Security Agency (CISA) to bring us useful information to combat these types of attacks. 

Spreading Misinformation 

Cyber-criminals out there are spreading misinformation, disinformation, and conspiracy theories online related to COVID-19’s origin, scale, government response, prevention, and treatment. Each phishing email or social media post is designed to look authentic with local government websites and logos. CISA has developed a COVID-19 Disinformation Toolkit to help state and local officials bring awareness to these issues. 

FEMA also has a website updated with information on rumor control for the pandemic. And, as always, you can find up-to-date information at coronavirus.gov

Remote-Work Security 

Globally, 50% of employees are working outside of their main office locations for at least 2.5 days per week, according to the latest International Workplace Group report. Aside from the pressure this office exodus puts on IT teams, Internet Service Providers, and even equipment suppliers, there are real cybersecurity challenges organizations and individuals need to consider. 

Public or open Wi-Fi networks can be a soft spot for data security. Employees working remotely may access sensitive business data through unsecure Wi-Fi networks that will not have the same security controls used in traditional offices. Be leery of accessing sensitive data if you are connected to unsecure networks, such as those at coffee shops or hotels. 

Zoom security has also been a hot topic since working remotely since March. DASNR IT has created and compiled a list of resources for Zoom located on the DASNR IT Support Page for working from home. 

In Conclusion… 

The COVID-19 pandemic has created some new opportunities for cyber-criminals and exacerbated prior methods they have been using to gain our personal information. It’s more important than ever that we take steps to protect everyone’s information and sensitive data. 

Please feel free to contact me (bronson.lewis@okstate.edu) or your District or Departmental Support Specialist to discuss these challenges further. #BeCyberSmart