The Cybersecurity Pathogen of 2020: COVERT-19
The novel coronavirus (COVID-19) is the latest major global pandemic to strike since the Spanish flu in 1918. Whether or not the impact of the disease will reach catastrophic levels for Australia’s economy and the welfare of its citizens is still unclear. However, the seriousness of the cybersecurity impact wrought by world events such as this is not to be underestimated.
Cybercrime has long been a pestilence for business and governments alike, as security breaches have increased by 11% since 2018 and 67% since 2014. Cyber threats during other times of global crisis such as the Global Financial Crisis of 2007-2008 saw security breaches increase from 446 in the United States in 2007 to 656 the following year.
The novel coronavirus is now imposing an additional cybersecurity dilemma for both enterprises and workers, with Australia now seeing a significant increase in targeted phishing attacks.
Scamwatch has received 94 separate reports of scams relating to coronavirus since January of this year. The phishing campaigns in questions use crafted email and SMS messages to falsely include pertinent information from trusted sources, often eliciting victims to open a link or malicious attachment.
Bring-Your-Own-Device (BYOD) security has long been on the radar for enterprises since the rise of hot-desking and flexible work arrangements in Australia. However, as many Australian workers now prepare to work from home full-time for the foreseeable future, the security of respective enterprises remote conferencing and networking infrastructure will be put to the test. Without the adequate best practice protections and safeguards in place, attackers may begin to target users’ home networks in an effort to gain a foothold into their employers’ corporate infrastructure.
Like past major historical events, the novel Coronavirus brings with it a rising tide of cybersecurity threats via targeted phishing campaigns and attacks on corporate infrastructure via remote workers' machines. To minimise the potential risk to corporate networks and infrastructure, organisations should look to implement key security best practice measures, such as – maintaining up-to-date security patches and anti-malware agents on critical infrastructure, enforce comprehensive authentication mechanisms such as multi-factor authentication and well-defined incident response policies and procedures.
Aurian Security is a wholly Australian owned and operated leading provider of information security consulting services. Specialising only in information security, we assist organisations from all industries and all levels of government to ensure that their information assets are well protected.
For more information, visit our Services page.
