The current COVID-19 situation has provided cybercriminals an excellent occasion to target people, small and big enterprises/business, Government Institutes, and many other organizations. 

“Cybercriminals are developing and boosting their attacks at an alarming pace, exploiting the fear and uncertainty caused by the unstable social and economic situation created by COVID-19.”

Jürgen Stock, INTERPOL Secretary-General

Between January to April 2020 INTERPOL reported 907,000 spam messages, 737 malware-related issues, 48,000 malicious URLs related to COVID.

Online Scams such as Phishing, Disruptive Malware, Ransomware, DDoS attacks, Data Harvesting Malware, Malicious Domains, and Misinformation are part of our daily life. The challenge is, how we can protect our businesses from these cybercrime-related threats.

Source: INTERPOL

Triggering factors

Before we examine the solutions, it is worth looking at which factors triggered these threats.

How can you protect your business from Malware and Phishing and other digital threads?

1. Lockdown

Due to COVID-19 lockdown regulations, people started working, shopping, having fun, and most importantly starting their businesses from home. Home internet connections are less secure than corporate network connections, and the public café internet connections are way more slower which cannot be used as it’s also a public place. The latter is a real dessert, even among hobby hackers.

2. Fake news

COVID-19 has plagued the Internet with a lot of fake pages and information. Due to a lack of information (and later overdose), it was straightforward to mislead campaigns, exploit users with malicious emails, etc. Free Coronavirus tests and later vaccines, donations, and pandemic relief funds, and fake news played a major role in the year 2020.

How to protect your business against cyber pandemic?

1. Educate, Educate, Educate

Most phishing messages show up so genuine that your employees will probably open the connection or implanted connection without confirming the sender’s email id or the data in the message’s body. Create cybersecurity awareness among your workers to assist them with distinguishing unauthenticated messages and emails.

2. Define and improve cybersecurity policies for teleworking

It is essential to make an exacting rulebook for your staff, setting out the protocol for using mobile and desktop devices and internet connection rules. Using a secure internet connection with firewall, multi-layer authentication and VPN should be mandatory. Your employees need to understand that they cannot use corporate devices for private purposes.

3. Backup and Encrypt Data

Backup your systems, files and databases at regular intervals is a must. A single copy of your backups is never enough. Many companies implemented the 3-2-1 backup rule strategy: you should have three copies of your data – 2 on different media and one off-site copy for disaster recovery.

However, backup is not enough; you must encrypt all sensitive data of your organization and other parties (employees, customers, etc).

4. Update your Anti-Virus and firewall solutions

This rule will sound raw, but it is crucial to use sophisticated and the latest trustworthy anti-virus software.

5. Secure Web and Mobile Applications

Your web and mobile applications are at greater risk than before, so you need to pay close attention to vulnerability. Hackers only need to be successful once, but you have to provide protection all the time. Monitor application security risks proactively and preventive measure to mitigate them.

You can use App-Ray a fully automated, fast and efficient mobile app analysis tool. After selecting your OS such as, Android or iOS, and submit it – your part is done.

Your Black Box Mobile App Security Testing
App-Ray: Your Black Box Mobile App Security Testing