COVID-19 and its impact on cyber security vulnerabilities

cyber attack

Cyber security attacks are a very real threat for businesses and individuals around the world. It’s predicted that by 2021, cyber crimes will cost the world $6 trillion a year.

As technology continues to evolve and the way that businesses operate becomes increasingly mobile, we can expect that this figure will rise, as cyber security threats become increasingly more sophisticated.

This year, the ongoing COVID-19 pandemic has had a significant impact on cyber security. Individuals have been forced to follow social distancing practices, businesses have increasingly embraced remote working and mobile technologies, and the world has been focused on threats to health and the economy posed by the virus, all giving cyber criminals the opportunity to capitalise on cyber security weaknesses.

We can actually draw several parallels between cyber attacks and COVID-19. Both the coronavirus outbreak and cyber crimes are affecting businesses and individuals on a global scale, and just as coronavirus spreads from person to person, malicious software can spread rapidly from network to network and device to device. Finally, just as COVID-19 has the potential to put many organisations out of business, cyber attacks can also destroy businesses to the point that they are unable to recover.

Whilst COVID-19 has not caused new types of security threat, it has certainly amplified existing vulnerabilities to cyber security.

The biggest cyber security threats to businesses in 2020

Let’s look at some of the biggest threats to business cyber security in 2020 and any links between COVID-19 and cybercrime.

Endpoint security for remote workers

Since the spread of coronavirus began, we have seen record numbers of businesses operating remotely, with employees carrying out their duties from home. Whilst remote working practices have allowed businesses to continue to work as close to normal as possible, it has led to several security weaknesses.

A considerable percentage of remote workers operate without network perimeter security, which is a key layer in a strong cyber security defense. An additional issue is that many businesses allow their team to use their own mobile devices for work, making it more difficult for businesses to enforce data security and ensure that company policies are followed. Mobile devices can also hide signs of potential phishing attacks, along with other threats to cyber security.

Phishing attacks

Phishing attacks make up for the vast majority of cyber crimes. Phishing is the name given to cyber attempts to steal user credentials for on-premises and cloud services. Traditionally, most phishing attacks take place via email, but in recent years, an increasing number of attacks are launched through cloud applications. This form of phishing is known as consent phishing, where users are tricked into consenting for malicious apps to access their data.

API breaches

Recent studies suggest that application programming interface (API) security readiness can lag behind web app security, exposing vulnerabilities. These vulnerabilities are made worse by the readiness of the majority of organisations to make APIs available to external developers and partners, allowing them to access apps and software platforms.

With an increase in remote working, the dependence on APIs has increased in 2020, so we can expect to see a growth in API breaches, which could put user data and privacy at considerable risk.

Ransomware attacks

Ransomware attacks are also a very common cyber threat.  Hackers are deploying increasingly sophisticated technology, allowing them to achieve devastating effects with relative ease. Ransomware kits are very cheap and readily available to those who look.

This year, we are seeing the emergence of highly targeted and extremely sophisticated ransomware attacks. Whilst fewer malware services will be created, those that are will be more powerful, working in conjunction with one another. Ransomware attacks can be devastating for small to midsize businesses, and many will not be able to overcome the associated downtime and recovery costs.

5G threats

Ignoring the widely spread controversy around 5G, opportunistic cyber criminals will target new vulnerabilities between 5G to Wi-Fi. As 5G networks are rolled out around the UK, covered by all major mobile phone networks, wireless carriers will hand off more calls and data to Wi-Fi networks in order to save bandwidth, providing an opportunity for hackers to compromise security.

Internet of things threats

As the IoT (Internet of Things) market grows, and the use of IoT devices becomes more widespread, increasingly complex cybersecurity threats will also emerge. Not only will cyber criminals take opportunities to target the vulnerabilities of new technologies, as new IoT devices and technologies appear rapidly, it will be increasingly difficult to develop effective cyber security strategies to protect them.

Protecting your business from cyber security threats

With the number of cyber threats facing businesses in 2020, it is essential that organisations take the right steps to protect themselves and their workforce, whilst also achieving empowerment through flexible, remote working. IT support specialists can advise on and implement the necessary security services to protect privacy and data.

For cyber security support in Hampshire, businesses can contact Matrix IT, specialists in cloud and security services, along with mobile device management and strategy.