Comments
Cyber-criminals see opportunity in every crisis. More so, when it comes to the Covid-19 pandemic. As organisations, businesses and institutions rush to put in place IT solutions to be able to keep in touch with their employees and customers, cyber-criminals see this a great opportunity.
“Malicious actors are leveraging the pandemic as an entry mechanism into corporate systems across the globe and India is no different. The convergence of home, school and office has made home a fertile ground for attacks,” Venkat Krishnapur, Vice-President of Engineering and Managing Director of McAfee India, has said.
As per McAfee’s latest findings, India ranked fourth in the top 10 source IP geo-locations for external attacks on cloud accounts from January-April 2020, only behind Thailand, USA and China. Cyber-criminals are actively exploiting the situation with Covid-19-themed ransomware, scam URLs and spam designed to lure remote workers into clicking unverified links or into opening insecure attachments.
“We observed the emergence of phishing campaigns that use pandemic-themed messaging to deliver malware and trojans, as the workforce learns to adapt to a remote working culture,” he said.
“We also detected a banking trojan, Ursnif, that steals banking credentials by collecting activities of victims through keystroke recording and by tracking network, browser activity,” he pointed out.
Ransomware-as-a-Service attacks continued to train their sights on municipal, healthcare, financial and corporate targets.
Mobile threats ranging from ransomware samples to spy agents arising from Android applications, and abusing keywords connected to the pandemic were also on the rise.
“Using spear-phishing techniques, cyber-criminals are targeting select employees to gain access to critical information like staff credentials, customer data, intellectual property, and more,” he said.
Weaknesses
Bad actors exploit human-machine weaknesses. “Just like we are fighting to flatten the Covid-19 curve by social isolation and washing our hands, we should aim to flatten our organisational attack surface by ensuring cyber-security hygiene. We should use multi-factor authentication, strong and complex passwords, VPNs (virtual private networks), and robust endpoint and cloud security software.
“However, the bottomline still remains staying vigilant and using common sense in the online world,” Venkat Krishnapur said.
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.