The COVID-19 pandemic has brought many challenges to the way we live our lives and how we run our businesses. COVID-19 has also brought about some challenges in how we think about cyber security. Some new, scary trends have emerged from this pandemic.
Unsecured Remote Desktops
One scary trend that has emerged since the start of the pandemic is the amount of unsecured Remote Desktop Protocol machines to support the increase in remote workers. According to a study by Webroot, and quoted by Channel Futures, 40% of RDPs are unsecured. This is scary, as brute force attacks carried out on these RDPs can lead to the theft of data, or the introduction of malware to your systems. According to a study by Kaspersky, brute force attacks on RDP was up 400% for March and April of this year alone. If your RDP is open, you need to secure it!
As expected, phishing has also been on the rise since the beginning of the pandemic. According to Barracuda Networks, phishing grew by 667% in Mach of this year. Even people who would normally consider themselves “cyber aware” are more likely to click on a phishing email if it contains words such as “covid” or “corona virus” as people are craving more information about the pandemic. This increase in phishing is scary as phishing emails not only lead to a loss of credentials but could also lead to malware and ransomware.
COVID-19 Ransomware Increase
There are some conflicting statistics on the increase in ransomware since the start of the pandemic. The Skybox Security 2020 Vulnerability and Threat Trends Report, says that ransomware is up 72% since the beginning of the pandemic. Contrast this with a study by SonicWall, who in their 2020 Cyberthreat report, sees a 105% spike. While it is difficult to determine how much of the ransomware increase is directly COVID-19 related, it is clear that cyber criminals are increasing their attacks hoping to target businesses that are distracted by the pandemic.
Coronavirus Related Domain Names
Not surprisingly, there has been an increase during the pandemic of websites relating to the coronavirus. A study by ZDNet has found that “tens of thousands” of domain names with coronavirus are being created on a daily basis. The scary part is that same ZDNet study found that 90% of those domains were “scammy”. These sites could be used to harvest credentials, spread malware, or trick users into buying fake coronavirus cures. Whatever the case, you need to be suspicious of most coronavirus websites.
Zoom Accounts Sold on the Dark Web
Another alarming trend is the increase in Zoom accounts being sold on the Dark Web. With the rise in remote workers, many were using web conferencing services like Zoom to keep connected to colleagues and clients. Bleeping Computer has found that over 500 thousand Zoom accounts are being sold on the dark web. Unsure if any of these credentials belong to you or anyone in your organization? To help combat this, always ensure you have a unique password for every account, and ensure that if your account was ever compromised, that you change your password. You could also use Uzado’s Dark Web Finder service to see if any of your staff’s corporate credentials have been compromised.
COVID-19 has brought many cyber security challenges to the modern workplace. If any of these above scary statistics have you wondering about your company’s ability to defend against cyber challenges, Uzado is here to help.