There’s no honour among thieves. Such is the case even in the midst of an international health crisis. As we’ve all made the shift to remote work, remote education, and social distancing to stem the spread of Covid-19, cybercriminals have opportunistically sprung into action to capitalise on our collective reliance on connectivity.
While corporations and educational institutions have the ability to mitigate the risk of attacks on their network when users are on premise, remote access opens up an entirely new world of vulnerability that all are still grappling with.
There are simple steps you can take today to protect yourself from opportunistic cyber criminals. In the second part of this blog we will show you exactly what you need to do to stay protected.
What are the common types of cyber attacks during Covid-19?
Over the past several weeks, we’ve seen a massive uptick in cybercrime, from social engineering, phishing, and brute force attacks into our home networks.
Hackers are shameless and will sink to any means of obtaining your data, this only increases when we are distracted by world events, with even the World Health Organization being attacked in March. 90% of cyber-attacks start with a phishing campaign, and hackers will tailor their approach to the current situation.
A phishing website tries to steal your passwords or other confidential information by making you think it's a genuine and secure website. These websites are created to get users to land on them by mistyping a website name or by luring you to a fake site entirely. During a crisis like Covid-19, hackers will increase the volume of these attacks by registering as many domains as possible with keywords that are searched.
- According to the software firm Checkpoint, since the beginning of 2020, there has been a substantial increase in new domain registration names that include “Zoom”, the video conferencing software of choice. Since January this year, there has been in excess of 1,700 new registered domains with some variation of ‘Zoom’, and 25% of those were registered during the 2nd week of April alone. Seem suspicious?
- Google also saw a 350% increase in phishing websites looking to capitalise on our desire for information, posing as health organisations, charities, and research institutes. In January 2020, there were a total of 149,195 active Covid-19 related phishing sites. This number leaped 100% to 293,235 in February and nearly doubled again by March, totalling 522,495 registered Covid-19 phishing sites.
If you want to see what these look like, check your Spam folder! We’ve all seen these, they are usually poorly written, sometimes from someone we know, and try to get us to download an attachment to launch malware onto your computer.
What’s the problem then if my Spam folder captures them all?
Unfortunately many do get past your spam, and hit your inbox. Cybercriminals get smarter all the time and email providers need to continually play catch up.
- Company Info: Cybercriminals are targeting remote employees with company messages that notify workers of a positive Covid-19 test within their organisation. The messages contain malicious attachments disguised as protocols that the company is undertaking as well as a “flyer” that recipients are asked to open, read and print out.
- Government and Covid-19 Related Info: There has been a large uptick in attempts from emails sent from seemingly legitimate organisations, to ask for charitable contributions, general financial relief, airline carrier refunds, fake cures and vaccines, and fake testing kits. In the US, Americans will be getting stimulus checks in Q2, but the FBI warns hackers will be capitalising on this to steal information via phishing emails. They indicated that in no way will any government agency be reaching out over email for personal information.
How can I protect myself from phishing websites and emails?
- Check the content of an email, look for misspelled words and closely examine the return address. Typically these emails will be especially vague or general.
- Don’t open unknown attachments or click on links within the emails or text messages.
- Beware of lookalike domains, double check that you are on a secure website with the correct URL before entering passwords or personal information.
- Go to the domain of the senders email address to help verify the legitimacy. Example: firstname.lastname@example.org WiredScore.com is a real site.
So now I can prevent the attacks that we can typically see and identify, but what about the ones we can’t?
Unfortunately, there isn’t just one tool in the hacker toolkit, and the more sophisticated attackers will target the actual networks we connect to, rather than use websites or emails. By nature, our home networks don’t have the same security that would be in place in a corporate environment and hackers are looking to exploit that vulnerability.
How can I secure my home network?
Start with your router and WiFi
Over the past two weeks, there has been an increase on attacks on home routers. Attackers are “brute forcing” to get into our networks, which is basically running software that will try thousands of password combos until they break in. Once in, they are changing our router settings to route us to phishing sites like the ones we just mentioned.1. Change the default password on your router and WiFi
If you are like most of us, you are using a router supplied by your ISP and have never changed the default password or WiFi info, which is a major security flaw. Most of these passwords are easily broken, and there's even a website dedicated to default router passwords to help people who can’t access it. Most routers have the ability to be accessed via a web interface, but check your ISPs website for instructions for doing this for yours, most should look something like this:
- When you open an internet browser, you will need to visit a website based on a string of numbers. This is often printed on the back of the router and will be something like https://192.168.1.1
- Login to your router with the router’s admin password (on the back of your router)
- The user name is admin. You can find the default router administrator password on your router label.
- Replace the current admin password with a new one that’s strong and easy for you to remember. Follow your router on-screen or user guide detailed instructions.
- Now do the same for your WiFi password (pick one different than the previous). Set up a strong password by picking a long, unique mix of numbers, letters and symbols. Your password should be 12 or more characters.
- While still in your router, proceed to steps 2 & 3.
2. Keep your router's firmware up to date
Once logged into your router, ensure there aren’t any pending software updates. Most routers will download these automatically, but many older devices will require a manual update.
3. Disable WPS
WPS allows you to quickly and easily connect your WiFi router to your devices either via a button on the front or a pin code printed on a sticker.
A serious vulnerability was found in many vendor implementations of WPS years ago that allows hackers to break into networks, it also gives anyone with physical access to your router the ability to connect. Because it's hard to determine which specific router models and firmware versions are vulnerable, it's best to simply turn off this feature if possible, which can be done while logged into your router.
4. Enable the latest security
Under Security Options or a similar section in your router, make sure the security for your network is set to WPA2-PSK [AES] or the highest available setting. WPA2-PSK [AES] is currently the strongest level available for home wireless networks.
How can I secure my devices?
1. Keep your connected devices up to date
Having a secure router is great, but it’s useless if you’ve put off a Windows or iOS software update for the last two years. Any device connected to your network can serve as a backdoor into all of your devices. Install security patches and updates as recommended by your computer’s operating system (Windows or macOS) and mobile devices, as all of these manufacturers constantly patch newly exposed security flaws. If you’re not sure how, simply Google search “How to update software <windows or mac>”.
2. Enable the firewall on your computer
A firewall is a security feature designed to help protect your computer and personal data from unauthorised access and alert you to immediate threats. Most devices now come with built-in firewalls and they just need to be enabled. See below depending on your device:
- On a Mac, choose Apple menu > System Preferences, click Security & Privacy, then click Firewall... Click Firewall Options. If the Firewall Options button is disabled, first click Turn On Firewall to turn on the firewall for your Mac.
- For Windows, in the Cortana search box, enter Firewall. Click Windows Firewall in the search results. In the Windows Firewall window that appears, make sure that Windows Firewall is on. If it isn’t, click the Turn Windows Firewall On or Off link in the left pane of the window.
3. Smart Home and Stream securely
Most IoT (Internet of Things) devices and streaming devices (e.g Roku, Fire TV Stick, Apple TV) also have a default password that is just a Google search away.
We strongly recommend updating passwords on all of these devices using your user manual, and also confirm that firmware updates are set to auto in the settings. It’s also considered a best practice to connect these devices to a separate “Guest Network” in your router to keep them separate from your phones and computers, which will have more personal data.