The COVID-19 cyberattacks have shone a harsh light on the status of web security. The lessons from the COVID-19 cyberattacks (and attempted attacks) enable us to strengthen web security measures and be better prepared for the future. Let us delve into these lessons now.
The Nature of Web Security Threats During the Pandemic
As of April 2020, the FBI’s Cyber Division saw a 3-4X increase in the number of cybersecurity complaints received daily from the start of the COVID-19 pandemic. Interpol and the FBI have both reported a rapid increase in DDoS, ransomware, phishing, and malware attacks. Attackers predominantly used email to deliver web security threats.
Many of these attacks/ frauds are COVID-19-themed, impersonating reputable organizations (WHO, CDC, and so on) to coax people to wire money, download malware, or share confidential information. Thus, making COVID-19 the biggest web security threat in 2020.
Lessons in Web Security Learnt from COVID-19 Cyberattacks:
Attackers Capitalize on Fear and Panic During Crises
The increase in COVID-19 themed phishing and malware attacks throughout the pandemic stands testimony to the fact that attackers keep finding opportunities to fulfill their motives. By the end of March, over 2000 malicious and over 40,000 newly registered high-risk domains were discovered. As of April, Google saw over 240 million COVID-related phishing and malware emails and spam messages.
The emotional, mental, physical, and economic distress, during crises makes people more vulnerable. Prompted by fear and panic, people take the bait from scammers and attackers in the hope to get additional benefits, get information on vaccines/ research, etc.
Lesson: Continuous and effective stakeholder education is a must. Customers, employees, and other end-users must know better than to take the bait. They must be made aware of ways to identify such phishing and malware attempts for heightened web security.
Identifying the Weakest Links to Restrict Lateral Movement
As the spread of COVID-19, web security threats spread laterally starting initially with the weakest links. In most cases, the weakest links are human beings. Insecure endpoints, unknown entry points, unpatched vulnerabilities, weakly configured network security (especially those of home networks), etc. are some other weak links in web security and attackers exploit them to do their bidding.
This is especially the case when the target is a large and complex enterprise network. For instance, in the 2020 Twitter Hack, the hackers used a series of social engineering attacks against Twitter’s remote working employees to gain access to internal administrative tools. Using these tools, the hackers gained control of many high-profile accounts to carry out the cryptocurrency scam. They netted over USD 100,000 in a matter of hours.
Lesson: Organizations must identify their weakest links and secure them to protect websites from hackers. Additionally, segmenting users and enforcing least-privilege access controls help minimize data exposure risks. Endpoint security must be extended to BYOD devices and shared home networks for remote workers to prevent lateral movement of threats.
Basic Web Security and Hygiene Measures Go A Long Way
Organizations need to understand that the new normal is here and has caused paradigm shifts in the work world. We do not have the security of secure enterprise networks and devices. Employees are working remotely from their own devices on shared networks.
Lesson: Basic web security and hygiene measures improve the baseline defenses. Thus, they go a long way in securing websites and the wealth of data they contain. Some of these measures include:
- Knowing the network architecture
- Monitoring all devices connected physically and virtually, their configurations, security controls, and so on
- Implementing a strong password policy and multi-factor authentication
- Enforcing strict access controls
- Maintaining activity logs
- Extending protection to BYOD devices of remote workers
Due Diligence in Choosing Technology Solutions
There is a growing need for different tech tools for improved collaboration and productivity among employees during remote work. Organizations have rather haphazardly onboarded tech solutions without due diligence. Some of these have built-in vulnerabilities and erode web security.
Lesson: It is not too late for organizations to reconsider their choices and shift to secure tech tools. This is important for strengthening web security in the long run.
The Way Forward
The COVID-19 cyberattacks have tested the level of preparedness of organizations to tackle the pandemic-driven web security threats. Moving forward, we must learn from the lessons these cyber-attacks have taught and tighten web security accordingly with the help of security experts like Indusface.