March 16, 2021
It is almost a year, people around the globe, have been suffering from this pandemic. The reality of life has changed on most of the aspects. Remote working as become the new normal, now people are used to it. Not only on the job front but also in academics. Most of the schools are teaching online across the globe. Many aspects of life have shifted to online. Virtuality has become the reality. This has given a chance for cyber criminals to take advantage to show their tactics and methods to tap.
Using this pandemic situation, human emotions such as fear and anxiety are used by the cybercriminals to exploit mass online, and it is increased now. They use phishing, as it is one of the most effective and lucrative types of techniques of attacks from the last two decades. Earlier they used BFSI domain for phishing but now they are using this pandemic crisis. Criminals use every chance to make out, from advertisements of masks to special refunds of the government, according to the report. They often imitated leading authority figures on the pandemic, like CDC and the WHO along with their email addresses to attract users to click on the malicious links they sent. Once the user clicks the links, it downloads Trojans and Worms. These malwares do any kind of harm to user computers from deleting the files, blocking or slowdown the performance of the computers and stealing user’s important financial information, payment details, money transactions clues etc., Cybercriminals use delivery disruptions as their tactic. Especially, in this covid situation, they send a delayed delivery mail in which they might be asking user to review new delivery information to receive the shipment. When user reviews it, would download malwares and spywares.
Due to pandemic, companies across the globe shifted to remote working. WFH has become the new normal of work life but without any measures to information security as it is just an afterthought for many companies. Consequently, employee login to their corporate resources from their personal devices and unsecured networks become vulnerable to security threats and cyber-attacks.
Brute-force attacks against RDP protocol, Microsoft’s proprietary protocol that enables users to access Windows workstations or servers has become the favorite targets for attackers as it is used by most of the companies worldwide. Brute-force attack in which attackers try random user ids and passwords to tap the users accounts. In the pandemic, the brute-force attacks against RDP protocol skyrocketed almost worldwide. It is increased from 93.1 mln worldwide in February 2020 to 277.4 mln in March 2020 – a 197 percent increase. In February 2021, it is reached to 377.5 mln, Kaspersky observed.
Since the lockdown announced, online presence of users increased unproportionate. Some of the FANG companies were forced to reduce their video quality to keep up with the user demand. This has become a new target for attackers. Kaspersky states, by May 2020, the average daily number of attacks increased by 25%. It has seen a new peak in cyber-attacks in December 2020 when the world was facing the second wave of COVID.
Malicious files spread under the disguise of popular communication apps such as zoom, teams and other such apps. Kaspersky detected 1.15 mln files in January 2021 – the highest number from the lockdown announced.
It seems another several months or a year, user must be online for everything and this trend may continue further till the pandemic is eradicated completely. At the same time, attackers will also take advantage of this situation and come up with more tactics to exploit. They go even further and make use of vaccine distribution and other possible items related to pandemic to lure users for phishing attacks. As a user, we should be sceptical, and think twice before clicking any links or visit any website.
Organizations are also encouraging remote working now and even after the pandemic, either organizations may continue this remote working or adopt a hybrid model of working. But they should evaluate their usage of RDP and other remote accessing systems and in parallel they should bolster their strategy for a safe and secure remote working.