Impact of COVID19 on Cybersecurity

COVID-19 and the rise of Cybercrimes:

The International Data Corporation, which is the premier global provider of market intelligence, reports that IT environments are becoming more complex, and cybercriminals are getting better at identifying and targeting weaknesses. Nearly 40% of IT security specialists have reported that cyber security incidents in 2020 had become more sophisticated, and the increased complexity of managing and supporting security products is more challenging than ever before.

The major spikes in fraudulent activity during lockdowns were largely driven by automation. Most cybersecurity incidents attacks that gained traction during COVID19 were Phishing, Malware, Identity cloning, Identity theft and man in the middle. One of the incidental examples of rise
in cyberattacks has been visible in the use of video conferencing. One of the popular video conferencing platforms is Zoom. The Zoom App was another recent cyber security incident which was attacked this year, and people with bad intentions gained access to private meetings, conversations, and managed to share shocking and inappropriate videos.

COVID-19 presented the cyber attackers an opportunity as bait by impersonating popular brands thereby misleading online users and thus infecting computers and stealing critical information. In addition, many legitimate applications that are providing authentic COVID-19 related information for caution, safeguards and travel restrictions are also being targeted by cyber criminals as

online users are being tricked into downloading ransomware disguised as legitimate COVID-19 applications.

COVID-19 lockdown came as a shock to a lot many small and medium sized business who had to rush into transforming digitally at a mind-boggling pace and in this effort paid little or no attention to security and privacy controls and thus suffered due to targeted phishing attacks and retrieval of personally identifiable information (PII). COVID-19 brought the reality for re- examination and higher prioritization for cyber security technology environment and keeping a check on establishing more control for the critical information.

Making Cybersecurity measures a Habit:

The rise of Cybercrimes during the COVID-19 are profoundly the same as before, but are themed around COVID-19 and thus catch our attentive and inquisitiveness when an email relating to curing or preventing COVID-19 reaches one’s inbox, we become tempted to open it. The COVID-19 emergency has reinforced the requirement for imbibing good cyber security practices and understanding the reason behind them and how to make good cyber practices an everyday habit.

In addition, with the General Data Protection Regulation (GDPR), and other legal frameworks, it has become paramount and responsibility of employees to read in detail the privacy policies of every website that are visited and ability to look for technical jargons and importance of identifying a privacy policy that could be considered a potential red flag.

Remote working requires more training and better security measures in place for an employee from the beginning as face-to-face compliance and security trainings had to be switched to online mode. Thus, many companies installed standardised anti-virus and anti- malware software’s that helped and enhanced the security of at home systems from the backend. As the custom of employees to work from home continues, it is should become customary that robust collaboration tools and virtual infrastructure is put in place by companies that are secure new channels of

data and are adopted to the new model of remote working. Lastly with cost pressures mounting with every layer and new security technology function costing money, the responsibility of the employees at inculcating security measures have become ever more critical and the need for regular cyber awareness sessions have become important that are simple and agile at practice level.

Conclusion:

COVID-19 has erupted the cyberspace and the need for being online and connected has never been more whether it is with our family, friends or colleagues. Being more online is being more vulnerable to cybercriminals. It is a recommended best practice to log-off whenever possible. The better we govern our online ethics and making it a priority to understand and practice privacy
and data concerns as to where, why and to whom are we providing or opening-up or personal data? Using encryption when in doubt and understanding the correlation between one’s everyday processes at preventing, detecting, and responding with best intentions and keeping in mind, how one’s action impacts or triggers action for anyone else. Appreciate technology but get inspired

to learn about it and assist others whenever possible, it is possible to pe prepared in advance and thwart cyberattacks. The key to securing and feeling secured about one’s data is to keep a vigil on one’s everyday cyber practices, and making sure we make judicious choices regarding important information. This would make us sail through the vast cyberspace of malpractices.

2023-03-08

OCTACSIRT

Governance, Risk and Compliance

CISO as a Service

DPO as a Service

Security Compliance Audits and Consultancy

Penetration Testing Services

SOC as a Service

NIS2 Directive Compliance Services

Anti-Bribery and Corruption Consultancy

IoT Security

SIEM, NDR and Unified Security

Endpoint Security

Cyber Security & Protection

Vulnerability and Patch Management

Mobile Security

Access Management solutions & Password Management

Encryption

Intrusion Detection System (IDS)

Back-up/ Business Continuity & Disaster Recovery

Data Classification, Audit and DLP

ISO/IEC 27001 Information Security Training

ISO/IEC 27002 Training Courses and Certification

ISO/IEC 27032 Cyber Security Trainings

Ethical Hacking – Training Courses Certification

ISO 31000 Risk Management – Training Course & Certification

ISO 22316 Organizational Resilience Trainings

ISO 37001 Anti-Bribery – Training Course Certification

ISO 37301 Compliance Management System Course

ISO 22301 Business Continuity Management System Trainings

Disaster Recovery Trainings

ISO/IEC 27701 Training Courses & Certification

GDPR - Data Protection Regulation Training and Certification

ISO 9001 Quality Management Trainings

ISO/IEC 20000 - Training Courses and Certification

SECURITY AWARENESS TRAININGS

CUSTOM TRAININGS

Enhancing Digital Security with ISO/IEC 27032

ISO/IEC 27005 Information Security Risk Management Training