The COVID-19 cyberwar: How to protect your business

While organizations worry about newly pressing concerns—workforce well-being, finance availability, and the resiliency of operations and supply chains—cybersecurity is being overshadowed and risks are rising.

From March 11 until May 8, 2020, IBM X-Force observed a greater than 6,000 percent increase in coronavirus-themed spam. New threats include:

• Virus-themed sales of malware on the dark web—even virus-related discount codes.
• COVID-19-related domains, which are 50 percent more likely to be malicious than other domains registered during the same time period.
• Numerous phishing scams. For example, X-Force is tracking a spam email that takes advantage of small business owners hoping to secure loans from the US Small Business Administration.

A number of other scams imply association with legitimate health organizations like the World Health Organization (WHO) and the US Centers for Disease Control and Prevention (CDC). Reports suggest nationstate actors may be using the pandemic to make forays into US public health agencies, notably the US Department of Health and Human Services.

The challenges introduced by the COVID-19 pandemic caught many off guard. The tendency toward ad hoc decision making during crises only accelerates the opportunity for bad actors to exfiltrate data and compromise business operations. The potential impacts are more dangerous, too. For instance, a distributed denial-of-service (DDoS) attack in an operational environment already strained for capacity can be far more damaging than a similar attack launched when additional capacity is readily available.

Employees working remotely can make organizations more vulnerable. According to The New York Times, as of the first week of April 2020, 316 million people in the US were being urged to stay home. Many of those staying home are also working from home. The shift to remote work has opened new loopholes for cybercriminals to exploit since many displaced workers lack the secure equipment or protocols to optimize digital safety. And employees aren’t the only ones who are unprepared: enabling remote working is fairly new for many organizations.

The potential for continued disruption during this pandemic is high, making cyber resilience crucial. Business continuity and crisis management plans can become major strategic assets. Drawing on our research and experience, we have found that highly resilient organizations do three things well: organize and deploy resources, communicate regularly, and coordinate responses.

In this report, we identify key steps security leaders can take now to manage discrete, high-impact events that may arise in this environment – and to prepare for additional unforeseen scenarios. Download the full report below and check out the supplemental action guide: Protecting your business in the face of crisis.