Covid-19 is causing a surge in cybercrime as hackers use various techniques to steal data and disrupt organisations.
According to analysis from an internet service provider (ISP) Beaming, UK companies experienced on average 157,000 cyber-attacks each in the first quarter of 2020. That’s the equivalent of more than one every minute. As a result, Beaming estimates that such attacks on UK businesses are 30 per cent higher than for the same quarter in 2019.
There were 394,000 unique IP addresses used for these attacks and, perhaps somewhat ironically, due to the origin of the pandemic, 48,000 of these IPs were located in China. However, cyber-attacks from China in the UK were the lowest since the second quarter of 2018. In contrast, there has been a threefold increase in the number of IP addresses used for malicious purposes sited in Egypt. More than 36,000.
Beaming says businesses of all sizes need to view the growing threat seriously and take sensible steps to improve their resilience. Particularly as the risks are being magnified by so many people working from home who aren’t always applying the same security standards or vigilance as they do at work.
However, it was the Internet of Things (IoT) automated technology – such as applications used for building control systems and networked security cameras – that bore the brunt of the recent surge. Other significant targets were company databases and file-sharing systems.
A report by NTT also emphasises how hackers are exploiting the increase in home working. While an employee working from home may be using a company laptop with a fully-encrypted VPN, the physical separation of workers from their managers can tempt them to check their social media accounts during the working day and unwittingly share personal and confidential data with hackers.
A Global Attack Trends 2019 Report from Sonic Wall shows how the tried-and-tested techniques continue to be used for the majority of cyberattacks. While other methods are emerging, there were still 9.9 billion malware attacks and an estimated 4 trillion intrusion attempts last year. While many companies may be well-equipped to deal with these traditional cyber weapons, the sheer volume of such attacks still poses a significant threat to homeworkers.
Cybercriminals often use Exploit Kits (EKs), and SonicWall’s report says these kits are continually evolving. Newer, more sophisticated EKs may use “file-less” attacks where no footprint is left on the victim’s hard drive, and others can alter a router’s DNS settings, redirecting unwitting users to malicious websites.
Gary Jowett, from Computer & Network Consultants (CNC) in Brighton, said: “UK businesses need to re-educate employees as new threats emerge and to keep your business well prepared, it’s also a good idea to attain Cyber Essentials certification . This is a simple but effective, Government-backed scheme that will help protect your organisation against a whole range of the most common attacks. It has to be renewed, so it helps to ensure IT security is well maintained. It could also prove to be a positive differentiator between you and your competitors when you’re tendering for new business.”