Discover Geeks Academy’s articles on: Blockchain, Coding, Cybersecurity, Cloud, Big Data, Artificial Intelligence, Gaming, Digital Innovation
Abstract: At least half of companies admitted that they were unprepared for a scenario like that one caused by the coronavirus pandemic. However, while hackers are seizing opportunities that have emerged from this new context, this situation can open the doors to a great opportunity for a positive turning point in the IT security sector.
Around the world, companies and governments since the outbreak of the pandemic have swiftly taken steps to protect the health of their employees and citizens, including asking people to work remotely. It has been estimated by the United States Bureau of Labor Statistics and the Boston Consulting Group that over 30 million employees in the United States worked in smart working during the pandemic and up to 300 million globally. Accounting clerks, purchasing clerks, human resources personnel, and other workers have had access to corporate sites, online meetings and sensitive corporate data remotely due to restrictions, in many cases through their home computers and private cell phones .
While digital tools offer excellent support for smart working, moving work patterns on such a large scale can have serious unforeseen implications for IT and cybersecurity.
Were companies adequately prepared to address this change and prevent cybersecurity risks? Do companies have adequate tools that prevent workers from downloading malware that could be used to collect passwords providing access to payment systems, personnel records, customer personal data, intellectual property and other important assets? The data unfortunately suggests a negative answer and below we will find out why.
COMPANIES AND COMPUTER SECURITY PROFESSIONALS WERE NOT READY TO TACKLE THE COVID-19 PANDEMIC
According to what emerges from the Bitdefender research, "The Indelible Impact of Covid-19 on Cyber ??Security", only in the month of March the alerts of malware related to the coronavirus emergency increased by more than 475%. Cybercriminals "are acting opportunistically and unethically by taking advantage of this period of uncertainty to spread malware, launch phishing campaigns and attempt online fraud against healthcare facilities already hit hard by the situation", as stated by Florin Talpes, CEO of the company of cybersecurity.
In addition, within this study, there is also a survey conducted among 6,724 professionals in the security and IT sector in May 2020 within different countries, such as the United Kingdom, United States, Australia / New Zealand, Germany, France, Italy, Spain, Denmark and Sweden. Thanks to this survey it was possible to notice that half (50%) of professionals in the IT security sector (60% instead the Italian figure) and the companies in which they work did not have an emergency plan to deal with extraordinary situations such as those of a global pandemic.
Additionally, 86% of cybersecurity professionals said this lack of planning poses a major security risk as attacks launched through the most commonly used vectors have increased since the covid outbreak. Among the most exploited attack vectors, there was a growth of 38% (also for Italy) for cyber warfare and Internet of Things operations, and 37% for APT and theft of intellectual property through cyber espionage.
THE MAIN RISKS
Marcello Fausti, head of Cyber ??Security of the Italiaonline Group, in an article published in the ICT Security Magazine, explains that the increase in online users has amplified the risk of running into scams, data theft, blackmail and many other types of cybercrime.
- The most common risk, Fausti says, is that of information theft. In this case, information that is important to us, such as credit card information, login credentials to our remote banking site or social network passwords could get into the hands of cybercrime and cause irreparable damage to us.
- Another risk that those who work in smart working could incur is linked to a possible encryption of data on hard disks. Often this action is linked to a ransomware attack exploited by cybercriminals to ask for a ransom, generally in bitcoin or another cryptocurrency, to unlock files.
- Last but not least, the risk that minors, connected to the internet for video lessons, may be lured by dangerous predators who exploit the network for their own purposes.
THE SECTORS MOST AT RISK OF CYBER ATTACKS
While there is no doubt that all sectors are subject to attacks by cybercrime, respondents to the aforementioned Bitdefender survey revealed that the sectors most affected in terms of increased cybersecurity attacks during the COVID-19 pandemic are the following: financial (global data: 43%; Italy: 45%), healthcare, including telemedicine, (global data: 34% - Italy: 33%) and the public sector (global data: 29%; Italy: 34 %). Retail trade (global data: 22%; Italy: 18%), energy (global data: 20%; Italy; 18%) and education (global data: 18%; Italy: 16%). Alarmingly, 77% (Italy: 74%) of cybersecurity professionals believe that healthcare has not been adequately prepared due to budget problems.
"At least half of the companies admitted that they found themselves unprepared for a scenario like the current one, while hackers are seizing the opportunities that have emerged from the new context. But this situation can open the doors to a great opportunity for a positive change. , in the cybersecurity sector ", comments Liviu Arsene, Bitdefender's Global Cybersecurity Researcher.
HOW TO DEFEND FROM CYBER ATTACKS?
The main tips that Fausti recommends in his article to avoid attacks that can damage IT security are the following:
- The adoption of multi-factor authentication when possible to protect their accounts. In this sense, it is also useful to take advantage of the tools for generating and managing automatic passwords in order not to run into the common mistake of using a single password for all accounts.
- Perform periodic backups following the “3,2,1 rule” in order to protect your data from possible ransomware attacks.
- Constantly update all devices used to connect to the Internet. Whether it's tablets, smartphones, PCs or refrigerators, it doesn't matter, vulnerabilities can be everywhere and updates provide patches to fix them.
- Use an antivirus. Every device used to surf the net must be protected by an antivirus, an essential tool for protection from malware.
"They all look like advice from the 90s", commented Alessio Pennasillico, of the scientific committee of Clusit (the Italian association of information security) in Wired, "but if we have to keep repeating them over and over, it means that not everyone puts them practically".
THE CYBERSECURITY COURSES OF THE GEEKS ACADEMY
In an interview with dunp, Antonio Venece, director of the Geeks Academy, explains how Geeks was born in 2016 with the aim of being at the forefront and providing, through various study programs lasting 6 months, courses ranging from acquisition basic, intermediate and specialized knowledge of Cybersecurity. Thus participants will obtain an all-encompassing preparation on issues inherent to the various paths and an immediate job opening.
Don't wait to see the future as a spectator ... be the protagonist! Sign up for the Geeks Academy paths to work in the new professions of the Data Economy!
Discover here all the courses related to Cybersecurity!