Ever since the Internet came into being, cybersecurity, or information technology security, has accompanied it. Cybersecurity is one of the biggest challenges in the contemporary world, and the COVID pandemic has created a bigger playground for cybercriminals. The ever-increasing dependence on computer systems and the Internet has put systems at risk.
In recent times, cybercrimes have become extremely sophisticated, and cybercriminals have come up with new ways to obtain access to an organization’s systems and sensitive information. Throughout 2020, everyone was battling to overcome the onslaught of challenges brought by the pandemic. Cybercriminals, however, saw an opportunity and wholeheartedly exploited the panic and chaos caused by the pandemic to fill their own pockets. They lost no time in launching back-to-back cyberattacks during the pandemic and left no stone unturned in targeting vulnerable companies that weren’t prepared to support a remote workforce securely.
A recent incident involving Nidhi Razdan, a TV anchor and former Executive Editor at a well-known news channel in India, has made us realize that nobody is immune from cyberattacks, and shows how sophisticated these attacks have become when even a renowned journalist can fall prey to one.
She was approached by some people for the job of “Associate Professor” at a journalism school at Harvard University. After a single web-conferencing interview a year back, she was “shortlisted” for the job through an email offer letter, which, according to her, appeared genuine. Then, through an elaborate web of deceit, she was made to believe that her stint at Harvard was being delayed for many reasons, including COVID. In the meantime, she quit her 21-year career as a TV news editor and journalist and flew down to the US to take up her new “appointment”. Unfortunately, the “job offer” was fake, and she did not suspect anything was wrong until a few months ago, when she decided to put her foot down and contact the senior management at Harvard University.
That is when she learned that she had been the victim of an elaborate phishing attack in which, through the job offer, the perpetrators had extracted her financial details and other personal details.
This type of attack is typically categorized as a spear-phishing attack: an email or electronic communications scam targeting a specific individual, organization, or business. Its aim is to steal data for malicious purposes or to install malware on a targeted user’s computer.
“A single spear-phishing email carrying a slightly altered malware can bypass multi-million dollar enterprise security solutions if an adversary deceives a cyber-hygienically apathetic employee into opening the attachment or clicking a malicious link and thereby compromising the entire network.”
― James Scott, Senior Fellow, Institute for Critical Infrastructure Technology
Cyberattacks in India mostly use spear-phishing emails. About 72% of COVID-19-related cyberattacks used spear-phishing emails. Attacks are now coming from well-lit fiber optics, through cyberspace, through emails, telephones, video conferencing, forced consents, and so on. And these phishing attacks are not just coming from the now infamous Nigerian emails, but from multiple channels that create a fine fabric of deceit, involving even the names of institutions of repute. It has become a far more dangerous world, one that even law enforcers are finding difficult to get a handle on.
Another incident that has brought cybersecurity back into the daily discussion is the highly sophisticated Russian hack that hit the Pentagon, Fortune 500 companies, multiple U.S. agencies, and nuclear labs in December.
Hackers exploited the way software companies distribute updates, adding malware to a legitimate package. Security experts said the malicious code gave hackers a “backdoor”, a foothold in their targets’ computer networks, which they then used to gain elevated credentials. The malware was engineered to be stealthy, operating in ways that would masquerade as normal activity. The breach allowed hackers to spend months exploring numerous U.S. government networks and private companies’ systems around the world. Industry experts say a country mounted the complex hack, and government officials believe Russia to be guilty.
The hackers attached their malware to a software update from SolarWinds, a company based in Austin, Texas. SolarWinds says that nearly 18,000 of its customers — in the government and the private sector — received the tainted software update from March to June of this year.
Microsoft has now taken control of the domain name that the hackers used to communicate with systems compromised by the Orion update, in order to reveal the extent of the compromise. SolarWinds has now released software updates that fix the vulnerability and apologized “for any inconvenience caused.” Microsoft named the attack “Solorigate”.
SolarWinds does not appear to be the only attack vector. After previous denials, Microsoft confirmed on New Year’s Eve that its Office 365 software was also targeted by “a very sophisticated nation-state actor,” through its software resellers, but the company didn’t believe hackers were able to do much more than view source code. FireEye, a cybersecurity company that was also a victim of the SolarWinds hack, named this malware “SUNBURST”. It was FireEye, not the government agencies charged with protecting the nation’s cybersecurity infrastructure, that first unearthed the hack.
Some effective measures to secure your organization, or yourself as an individual, are:
Identify the loopholes within your organization’s network and IT infrastructure and act on the causes of risk. Prepare for risk mitigation to prevent and reduce threats.
Train employees to recognize social engineering attacks such as phishing through regular training programs. Educate them to be careful before clicking on a link or downloading an attachment from an unknown source.
Set up a firewall that protects the internal networks of your business.
Implement basic cybersecurity protocols such as a strong password policy, enabling multi-factor authentication for verification, using secure Wi-Fi, encrypting sensitive data, and regularly updating the systems with the latest security patches.
Keep up with the latest news on cyber hacks and threats. It helps your organization stay up to date with the latest cybersecurity-related issues. It also provides you with preventive measures that your organization can adopt to avoid becoming a victim.