Troubling trends in cybercrime that began to appear long before the arrival of the pandemic have been accelerating in recent months, and no doubt will be present long after this chaos passes. As always, some of the criminals’ primary weapons involve peoples’ fears.
When chloroquine and hydroxychloroquine (HCQ) first appeared in the news, we started seeing emails with messages targeting people’s worries. “I have a supply of HCQ,” one read, “so you can make sure you have some when the government’s supply runs out.” You might be surprised how many people opened that email. And, of course, they didn’t get HCQ—they got infected.
In many cases, the ransomware that was downloaded immediately found its way to corporate networks and caused havoc. And this is still going on. As online media stokes peoples’ fears about protecting themselves from the virus and other concerns, the carrot on the end of the stick is rigged to convince them and especially the vulnerable that by clicking the link, or opening the email, those fears will be eased.
These tactics work, and the crooks have used them for a long time. With so many concerns proliferating right now, fear tactics are proving more effective. We are encountering a lot of evidence that the cybercrime wave that exploded 18 months ago is growing. It’s still too early to find FBI or Department of Justice statistics regarding the past two months, but real-time reporting from reliable sources confirms that the threat from cybercriminals exploiting the pandemic remains high.
One metric is the steep increase in the value of cyber-currencies. Over the past 30 days, Bitcoin has gone up 30%. We believe that’s evidence that the use of ransomware is still surging, because when the bad actors extort you, they need a secure way to arrange payment.
Another way we have always tracked cybercrime is by monitoring the security companies to ascertain how fast and how frequently they are releasing updates and patches in order to thwart attacks. And what we have been seeing, for quite some time before the pandemic-induced spike, is that there is more than an uptick – there’s a dangerous trend developing.
With so many people now working at home, another basic tenet of cybersecurity is revealing itself. Many organizations long ago recognized the importance of extending their security position to people working remotely. Over the past couple of months, that understanding has spread, with companies discovering that the computing devices being used at a client’s site – the airport, Starbuck’s, Bob’s and Martha’s kitchens – need to be protected in order for the enterprise systems to be safe.
One way to do that is to search for what we call the SHA signature—a way to identify an offending piece of code that the crooks use to execute their specific attacks. We can capture that signature and use it to disarm the malware and break the connection. You can think of it as a vaccine that uses ones and zeros instead of genomes.
As things begin to head back to normal, it would be a mistake to think that the crooks are going to back off. Although your entire workforce may no longer be dispersed, people will continue working remotely. And, sadly, as the fears sparked by the pandemic fade, new fears will emerge—and the criminals will continue to attempt to exploit them.
I don’t want people to be afraid, but I do want them to be vigilant. Please let me know how I can help.
Thank you for trusting us to help with your cybersecurity and remote workforce needs.
Contact us any time—we’re always happy to help.