Cybersecurity in the COVID Wild West
By Sarah Dimock
Cybercrime used to be something that only effected the people in movies, but as computer tech has evolved, cyber threats have become as real and commonplace as any malicious act. Now in 2020, we find ourselves in an unprecedented situation: forced to the internet for work and socialization thanks to the COVID-19 global pandemic.
Although the internet saves us from total isolation, it’s also a tool that black hat hackers and scammers want to use against us. With so many more users to choose from, cyber criminals are using this crisis as an opportunity.
Capitol Technology University is designated a National Center of Excellence in Cyber Defense by the DHS and NSA. Our professors know cyber, and we asked them for their take on what you need to know to stay safe right now. Dr. William Butler, Capitol’s chair of cyber and information security and director of our Center for Cybersecurity Research and Analysis (CCRA), wants you to know that not everyone that’s being called upon to protect businesses during this crisis is a cyber pro. “COVID-19 is stressing IT departments to provide more secure connections into the enterprise network,” he says. “Often these new secure connections are employees with little or no advanced knowledge of virtual private networks (VPN) or how to secure their own at-home office.”
“Hackers are going after these new targets with an impressive inventory of attacks and exploits. The National Cyber Security Alliance (NCSA) has produced an excellent tip sheet to secure your home office as part of their stay safe online campaign. Some of their helpful tips include: watch what you click on especially anything titled ‘COVID-19’, vary your passwords especially between work and personal accounts, limit access to your work devices at home, and keep your security software updated.”
Read all of the NCSA’s security tips for remote workers here!
Be careful of giving out any personal information! “Fewer employees are at work and burglaries are on the rise. Cybercriminals will take advantage of this too,” says Professor Rick Hansen, CEO APS Global llc and professor of Cybersecurity & IoT, CISSP. “They [cybercriminals] plant skimming devices to capture ATM and credit card information and are stepping up phishing emails and phone calls. Remember, law enforcement and government agencies never serve warrants or take payments over the phone or online!”
“While staff is working from home, bad actors are hitting cities with ransomware,” continues Hansen. “In March the California city of Torrance was hit with an attack that demanded $689,000. Backup your devices, change your passwords, and be vigilant.”
“All disasters have been accompanied by a surge in bad actor behavior,” says Capitol’s director of Information Technology, Douglas Eddy. “Widespread news coverage creates opportunities for scammers to take advantage of public sympathy for victims of disasters.”
For I.T. professionals, Eddy warns, “Trying to alert users of every threat posted during an emergency like this is not effective, as users get overwhelmed with too much information. User education is the most important tool to help users to recognize, understand and mitigate threats at home and work.”