Cybercriminals, some backed by hostile state actors, are taking advantage of these unprecedented times. Businesses need to be more mindful than ever when it comes to taking cybersecurity seriously, especially when designing new software and systems.
Latest warning from US and UK cybersecurity agencies
Only recently, the UK’s National Cyber Security Centre (NCSC) and US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA),.
According to this statement, cybercriminals and advanced persistent threat (APT) groups are focusing on companies and individuals, using ransomware and malware to steal data or money from people and businesses, or to blackmail them into handing it over. Hostile state actors are likely involved in, or behind, some of these attacks.
The joint advisory warns that many of these scam emails claim to come from health organizations and are related to the current crisis. Viruses and malware are said to be hidden in emails claiming to come from the Director-General of the World Health Organization (WHO), and other senior officials and organizations.
Other examples that have been spotted include emails claiming to come from national or local governments offering payment and support, in one form or another. Many of these are phishing emails, attempting to extract data so it can be exploited later on with fake invoices and other attempts to extract money or more valuable sensitive information.
In the advisory, Bryan Ware, CISA Assistant Director for Cybersecurity, said:
“As the COVID-19 outbreak continues to evolve, bad actors are using these difficult times to exploit and take advantage of the public and business. Our partnerships with the NCSC and industry have played a critical role in our ability to track these threats and respond.
“We urge everyone to remain vigilant to these threats, be on the lookout for suspicious emails and look to trusted sources for information and updates regarding COVID-19. We are all in this together and collectively we can help defend against these threats.”
For companies in particular, this needs to be taken into consideration when using or designing new software:
“The NCSC and the CISA have also observed criminals scanning for known vulnerabilities in remote working tools and software, which is evidence that they are looking to take advantage of the increase in people working from home. This includes exploitation of the increased use of video conferencing software, where phishing emails with attachments naming legitimate video conference providers aim to trick users into downloading malicious files.”
How do these new threats influence software development?
Cybersecurity is something companies have been dealing with, investing in, and taking increasingly seriously for years now. New threats appear all of the time.
However, we have to be mindful of the fact that these new threats are appearing at a time of unprecedented global challenges. In that context, companies can’t afford to suffer data breaches, customers losing confidence in them, or to be scammed out of money. Under these circumstances, employees might not be as wary of scams. People have enough to worry about.
Fraudsters could more easily get through, and if security systems aren’t operating in the same way with everyone working from home, this could cause serious problems in the near future.
Let’s look at what this means when designing or modifying software to make it more secure:
• Embed 2-factor authentication: Make logging in as secure as possible. Especially if people are using their own devices, you need to be sure that each login comes from one of the team, not a cybercriminal who’s been able to bypass security and is attempting to break into your systems.
• Automated security alerts: These can be set up for a wide variety of reasons. Think about the layers of security your organization needs, such as alerts when sensitive data or customer details are accessed, or when payments are about to be made. Do you have barriers in place to prevent any of these things being accessed, shared, or implemented without the right authorization? Now is the time to make security more stringent.
• Audit trails: Do you know what documents, databases and other systems have been accessed, when they were accessed, and who accessed them? If not, then for security, risk and compliance reasons, now is the time to put an audit trail in place. This could be retrofitted into existing systems, or built into a new one. To stop cyberattacks that have already got through your first line of defense, you need systems on the inside that keep accurate real-time records and prevent further damage.
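The alerting and audit-trail points above, as an added example (not code from the original article): an append-only log that records who accessed what and when, chains each entry to the previous one with an HMAC so later edits or deletions are detectable, and raises an alert when a sensitive resource is touched without authorization. The resource names, events and key are constructed for illustration, and the HMAC chain is an assumption about how to keep records accurate, not something the article specifies.

```python
import hashlib
import hmac
import json
import time

SENSITIVE = {"customer_db", "payments"}  # constructed resource names
GENESIS = "0" * 64                       # "prev" value for the first entry


class AuditTrail:
    """Append-only log: who accessed what, when; each entry is chained to the last."""

    def __init__(self, key: bytes):
        self._key = key      # MAC key; keep it outside the system being logged
        self.entries = []
        self.alerts = []

    def _mac(self, body: dict) -> str:
        data = json.dumps(body, sort_keys=True).encode()
        return hmac.new(self._key, data, hashlib.sha256).hexdigest()

    def record(self, who, action, resource, authorized, ts=None):
        prev = self.entries[-1]["mac"] if self.entries else GENESIS
        body = {"ts": time.time() if ts is None else ts, "who": who,
                "action": action, "resource": resource,
                "authorized": authorized, "prev": prev}
        entry = {**body, "mac": self._mac(body)}
        self.entries.append(entry)
        # Automated alert: sensitive resource touched without authorization.
        if resource in SENSITIVE and not authorized:
            self.alerts.append(f"ALERT {who} {action} {resource}")
        return entry

    def first_tampered(self):
        """Return the index of the first entry that fails verification, or None."""
        prev = GENESIS
        for i, entry in enumerate(self.entries):
            body = {k: v for k, v in entry.items() if k != "mac"}
            if entry["prev"] != prev or not hmac.compare_digest(self._mac(body), entry["mac"]):
                return i
            prev = entry["mac"]
        return None


def sample_trail():
    """Constructed sample events, with fixed timestamps so the run is repeatable."""
    trail = AuditTrail(key=b"demo-key-not-for-production")
    trail.record("alice", "read", "wiki", True, ts=1)
    trail.record("bob", "export", "customer_db", False, ts=2)
    trail.record("alice", "approve", "payments", True, ts=3)
    return trail
```

Running `first_tampered()` on a schedule, or before relying on the log during an investigation, shows whether the records can still be trusted and where the chain first breaks.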
With the right layers of security in place, you can more easily and effectively prevent cybersecurity threats from wreaking havoc. In these challenging times, the last thing companies need is to suffer a cyberattack. Keeping internal systems and software secure is essential for the security of the entire organization. Making changes to software you already have, or including these features when designing new software, is an essential step towards keeping data and finances safe.