Hikvision Covers Pandemic-Driven Cyber Threats, Vulnerability Exploits
Cybercrime has grown as the pandemic shifted many employees to a work from home model and threat actors have directed their focus toward exploiting related vulnerabilities. In April 2020, Google blocked “18 million phishing attempts” every day for a week. In the article, “Hackers go phishing for remote workers during pandemic,” industry publication SecurityInfoWatch.com (SIW) covered this escalating security concern for employees and organizations.
Hikvision senior director of cybersecurity Chuck Davis covered the cyber threat uptick in this March 2020 blog. At that time, phishing campaigns were already beginning to proliferate, preying on pandemic-related fears.
What is Phishing?
Phishing attacks have long been an effective way for attackers to trick people into divulging sensitive information or infecting a system with malware. Malware can give an attacker remote access to protected systems and networks, encrypt a user’s data and charge a ransom to decrypt the data, or use that system as part of an attack against other systems. Around since at least 1995, phishing is used to trick people into providing credit card information, login IDs and passwords, and to gain access to your computer, protected systems and/or networks.
By learning to identify phishing emails, employees are less likely to divulge sensitive information or click on malicious links in emails. Read this primer on phishing to improve your skillset, and reduce the risk of downloading malware by clicking on suspicious links: “Part One: An Overview of Phishing Hacks by Hikvision Senior Director of Cybersecurity.”
Growth in Cyberattacks
The SIW article noted a 300 percent increase in cyberattacks since the pandemic began. And employees working from home are balancing a new mix of demands that include home schooling children, among other requirements that add a new level of pressure for workers.
From the article: “Further exploiting the chaos and uncertainty of COVID-19, bad actors convincingly spoofed large, international organizations and websites, like the World Health Organization (WHO) and the Center for Disease Control (CDC), to smaller, local, and regional health reports.”
Employee vulnerabilities are reflected in these statistics:
- 38 percent of untrained employees fail phishing tests.
- Only 35 percent click on malicious links, but 65 percent will click to open an attachment.
- If an email appears to come from an identifiable internal account, click rates increase to 90 percent.
Cybersecurity training programs should be adapted to help change behavior so employees, and their employers, are less vulnerable. The article recommends microlearning, which is small doses of cyber training done over periods of time to change behavior.
Read the full story at this link.
Cybersecurity Resources from Hikvision
For additional insights into pandemic-fueled cyber threats and education resources on cybersecurity, read the Hikvision blog series about COVID-19 hacks, phishing and cyberattacks. And, for practical tips to work securely from home, check out Hikvision’s work from home blog series with recommendations for VPN security and updating firmware on your home router. Applying these tips can help employees reduce cybersecurity vulnerabilities when working remotely.