As the COVID-19 crisis accelerates dependency on technologically-enabled economic processes, it is also exacerbating cyber-risks. 50% of respondents of the World Economic Forum Covid-19 Outlook survey have expressed their worries about an increasing number of cyber-attacks and data fraud.
The constant flow of information on the virus, accompanied by fear, confusion and even the boredom of confinement, have multiplied opportunities for cybercriminals to deliver malware, ransomware and phishing scams. A surge of new domain name registrations containing “coronavirus” or “COVID-19” characterizes new scams and ransomware attacks, including those aimed at already stressed and overburdened medical institutions, as well as welfare schemes.
The corporate digital infrastructure that normally is protected by multiple layers of security within corporate offices no longer have some of those layers while the majority of employees are working from home. This weakened security is perfect prey for hackers that are searching for any potential vulnerabilities, either technical like virtual private networks (VPNs), or social engineering techniques exploiting peoples’ anxieties. A blurring of the line separating corporate and personal systems heightens the risk of exposing sensitive information not appropriately secured and monitored on personal devices and home networks.
Businesses are facing increasing threats from the outside world and inside their own organizations. Already before Covid-19 pandemic, cyber risks were on top of the executives’ minds. While one of the most important cybersecurity measures is to keep the “attack surface” (digital environment and all different endpoints where an attacker can try to enter into the network to or extract data from) as small as possible, due to the ongoing pandemic, it has expanded drastically and rapidly, as a result, increased risk of a successful cyber-attack. Insider threat associated risks are also increasing as they can be motivated by resentment from layoffs and cost-cutting measures.
Across the world, countries are experimenting with various technological solutions to track, monitor and prevent the spread of Covid-19. This raises multiple privacy-related questions and surveillance with data security at its core: how and where will the collected data be stored, who is responsible for its security and who will have access to it?
As businesses become larger users of technology, digital trust is at the core of their digital success, and in some cases, it will raise concerns about consumers-providers and employer-employee relations.