At the start of 2020, very few people would have predicted the events that unfolded. The COVID-19 global pandemic caused unprecedented changes to all of our lives and has reshaped our entire working culture. From the accelerated pace of digital transformation and move to the cloud, to the increased use of collaboration tools, cybercriminals looked to take advantage of these rapid and widespread changes for their own purposes.
This week, Experian – a consumer credit reporting company, says it has experienced a breach of data which has exposed some personal information of as many as 24 million South Africans, and 793, 749 business entities, to a suspected fraudster. This is one of the many criminal cyber-attacks, exploiting the COVID-19 pandemic to target organisations and individuals across all sectors, including governments, industry, healthcare, service providers, critical infrastructure, and consumers.
“We saw COVID-19 related phishing and malware attacks increase dramatically from a few thousand per week in February, to over 200, 000 per week min late April,” says Pankaj Bhula, Regional Director for Africa at Check Point Software Technologies.
“In May and June, as countries started to ease lockdowns, threat actors also stepped up their non-COVID related activities, with a 34% increase in all types of attack at the end of June compared to April, ” adds Bhula. As a result of the rapid move to public clouds, one of this year’s key trends so far is an increase in attacks targeting sensitive cloud workloads and data.
“Organisations need to think about the different ways that people access information and the different assets to protect against. Think mobile threats, think about security in the cloud, think about IoT devices and have a comprehensive security approach protecting those. It also helps if you have incidence response plan to help in the mitigation and recovery in case you get compromised,” adds Bhula.
The unvarnished truth is that cyber-attacks will continue to grow, and organisations will have to look at radically strengthening their cyber defences around critical infrastructure. The good news, however, is that implementing these controls and measures will go a long way to helping businesses keep safe.