While cybercriminals will continue to use the Covid-19 pandemic for financial gain, cybersecurity professionals around the world are uniting to fight them, said global cybersecurity company Kaspersky.
Speaking at a recent online webinar, Vitaly Kamluk, its director for Global Research and Analysis Team Asia Pacific, said the Covid-19 CTI League, a non-profit, voluntary focus group made up of more than 150 different individuals and organisations from across the globe, has sought to take down fake websites, detect coronavirus-related malware and offer an incident response in case of an attack.
Kamluk has personally developed Bitscout, an open-source and free tool for anyone interested in digital forensics and cyber investigations.
“Any big trend or any big event in the physical world will always have a reflection in the cyber domain,” said Kamluk.
At the webinar, he pointed out how Covid-19 has disturbed the normal IT eco-system of organisations.
The various quarantine measures resulted in more staff taking work computers to arguably unprotected home networks, widening the surface of attack for cybercriminals, and an increased number of employees accessing their companies’ assets and networks through their vulnerable personal devices, he said.
Now understandably companies have to cut budgets and choose cheaper cybersecurity solutions and have lost the ability to do incident response on location in case of a cyberattack.
Social engineering attacks have also become easier during the global chaos as more people fall for simple tricks, and cybercriminals are well aware of it.
Kaspersky researchers have detected a seven-year-old malware in Vietnam and in some countries in the Asia-Pacific region resurrected through automated behaviour and made relatable by just adding phrases related to the coronavirus situation.
“Using names and popular terms related to the current pandemic simply elevates the probability of these worms being opened by another user after it is copied to a network share or a USB drive,” said Kamluk.
Kaspersky said businesses could protect themselves by deploying minimal dedicated secure gateways to all employees, making sure everyone runs an antivirus and Endpoint Detection and Response solutions, and reports statuses to a central server, mandatory 2FA (two-factor authentification) and biometric authentication, and running dedicated video-conferencing servers on company premises.
VIET NAM NEWS/ASIA NEWS NETWORK