Identity protection, identity-theft recovery and breach-services company CyberScout has staff members in Rhode Island and Massachusetts.
Matt Cullina, executive vice president of strategic partnerships and managing director of global markets, said hackers have taken advantage of recent distractions produced by the COVID-19 pandemic.
PBN: CyberScout has stated that through late March, 34% of COVID-related cyberattacks were brand-impersonation attacks. What are they?
CULLINA: Also known as spoofing, brand-impersonation attacks rely on disguising a communication from an unknown source as being from a known, trusted source to gain information or money. Spoofing can apply to emails, phone calls and websites, or can be more technical, such as a computer spoofing an IP address, address resolution protocol or domain name system server.
Spoofers succeed by sending emails based on templates of emails you would expect to find in your inbox. One common approach is to direct users to “spoofed” (fake) domains and sites for popular and commonly used platforms like Zoom, SharePoint, Microsoft Teams and Google Classroom.
PBN: What factors can lead to a scenario like a pandemic being rife for hackers/cybercriminals?
CULLINA: Hackers and cybercriminals have been actively targeting public and private institutions and consumers during the pandemic. They thrive on human error and when people are distracted with working from home, helping their children learn from home and fear of catching COVID-19, they become prime targets. Businesses and public institutions have also been prime targets due to the distractions they’ve faced with establishing their remote workforce and adjusting nearly everything about the way they conduct their operations.
Hackers are looking for easy targets – and they know that millions of people around the globe are hungry for information about the pandemic. Impersonating global health organizations or even local governments have all proven effective for scammers during the pandemic because people are eager for information and expecting communications from these organizations.
PBN: Spear-phishing attacks are said to be up 667% with COVID-19. How do they work?
CULLINA: Spear-phishing is when cybercriminals develop personalized communications appearing to come from sources known to the target. It’s a more sophisticated form of phishing for credentials, where specific individuals or groups are targeted, often by way of phony emails from known associates. An email arrives – apparently from a trustworthy source like a boss or colleague – but instead of its stated purpose, links in the email lead the unknowing recipient to a bogus website full of malware.
PBN: In terms of cybersecurity, what have been the biggest risks for companies with more folks working from home?
CULLINA: The remote work environment can be filled with risk if not set up in a secure manner or with sufficient employee education. First, people working from home are often using their own equipment and devices and may be using an unsecured Wi-Fi connection. Workers that don’t regularly update their software and devices are more at risk.
In addition, with many workers having their entire family at home, including children in many cases, there is a lot more risk of multiple users accessing a device that includes sensitive work information. With the lack of face-to-face communication, employees may not second-guess an odd email from their colleague or boss (spear-phishing), proceed with the requested action and put the entire business network at risk.
PBN: How has the cyber insurance industry been impacted by COVID-19 and how do these impacts in the U.S. compare with what we are seeing globally?
CULLINA: Across the globe, consumers and businesses are becoming more aware that insurance plays an important role in managing cyber risk and protects against significant losses.
We are seeing an increase in the development of standalone cyber policies, including personal cyber policies, to help close any gaps in cyber coverage. Consumers are becoming more aware that a breach of personal information or financial fraud resulting from a cyberattack won’t always be covered by someone else, such as a business or their financial institution.
Susan Shalhoub is a PBN contributing writer.
