
The COVID-19 cyberwar: How to protect your business

Cybersecurity threats have escalated, as bad actors take advantage of the pandemic.


While organizations worry about newly pressing concerns—workforce well-being, finance availability, and the resiliency of operations and supply chains—cybersecurity is being overshadowed and risks are rising.

From March 11 until May 8, 2020, IBM X-Force observed a greater than 6,000 percent increase in coronavirus-themed spam. New threats include:

  • Virus-themed sales of malware on the dark web—even virus-related discount codes.
  • COVID-19-related domains, which are 50 percent more likely to be malicious than other domains registered during the same time period.
  • Numerous phishing scams. For example, X-Force is tracking a spam email that takes advantage of small business owners hoping to secure loans from the US Small Business Administration.

A number of other scams imply association with legitimate health organizations like the World Health Organization (WHO) and the US Centers for Disease Control and Prevention (CDC). Reports suggest nation-state actors may be using the pandemic to make forays into US public health agencies, notably the US Department of Health and Human Services.

The challenges introduced by the COVID-19 pandemic caught many off guard. The tendency toward ad hoc decision making during crises only accelerates the opportunity for bad actors to exfiltrate data and compromise business operations. The potential impacts are more dangerous, too. For instance, a distributed denial-of-service (DDoS) attack in an operational environment already strained for capacity can be far more damaging than a similar attack launched when additional capacity is readily available.

Employees working remotely can make organizations more vulnerable. According to The New York Times, as of the first week of April 2020, 316 million people in the US were being urged to stay home. Many of those staying home are also working from home. The shift to remote work has opened new loopholes for cybercriminals to exploit since many displaced workers lack the secure equipment or protocols to optimize digital safety. And employees aren’t the only ones who are unprepared: enabling remote working is fairly new for many organizations.


The potential for continued disruption during this pandemic is high, making cyber resilience crucial. Business continuity and crisis management plans can become major strategic assets. Drawing on our research and experience, we have found that highly resilient organizations do three things well: organize and deploy resources, communicate regularly, and coordinate responses.

In this report, we identify key steps security leaders can take now to manage discrete, high-impact events that may arise in this environment – and to prepare for additional unforeseen scenarios. Download the full report below and check out the supplemental action guide: Protecting your business in the face of crisis.


Meet the authors

Wendi Whitmore, Vice President, X-Force Threat Intelligence, IBM Security

Gerry Parham, Research Leader, Security & CIO - IBM Institute for Business Value
