The World Health Organization (WHO) – the specialized agency of the United Nations relied upon for trusted and timely COVID-19 updates – has experienced a huge surge in attempted cyberattacks through March. WHO chief information security officer Flavio Aggio told Reuters that hackers have upped their ante against the organization as they battle to contain the novel coronavirus.
Cyberattacks against the WHO have been varied in nature. One criminal group was discovered by Alexander Urbelis, a cybersecurity expert and attorney with the New York-based Blackstone Law Group, to have activated a malicious site mimicking the WHO’s internal email system. Other reports have suggested hackers are sending phishing emails with a link to a spoofed WHO app that promises to help people manage the coronavirus crisis, whereas in reality, the software they’re asking people to install is laced with malware.
Hackers are using known tactics to target, manipulate and spoof entities like the WHO – and other trusted sources like government agencies, employers and so on - to trick society while guards are down and there’s general preoccupation, anxiety and concern over the coronavirus.
“What’s happening on the cybersecurity side is that people’s guards are down,” said Asaf Lifshitz, CEO of Sayata Labs, an Israel and Massachusetts-based firm with a solution for processing cyber policies. “Cybersecurity almost always comes at some degree of conflict with productivity, and all of a sudden [as a result of the coronavirus] there’s this massive shortage of productivity. Companies need to be able to transact business, now that their employees are working from home and they’re already taking a hit.
“In times like these, IT managers have to make compromises. Ideally, we’d like our employees to log in via a VPN, or to conform to whatever standards we put in place before. Now, it’s much harder to enforce. If we insist on doing it, productivity will take a bigger hit, and so those constraints are relaxed a little bit - and that’s what I mean when I say guards are down from a pure cybersecurity perspective. Another interesting point is that guards are down in people’s minds a little bit. That’s a combination of there being so much information going around, and maybe people’s emotional stress levels are a little bit higher.”
There are certain areas where our lowered guards can manifest into problems, according to Lifshitz. For example, an office setting is much more open to dual-factor authentication than remote working. If an employee receives a suspicious email or an instruction from a senior staff member via email, they’re much more likely to check in for in-person dual factor authentication in an office setting than they are from home. But the reality is, as more people are forced to work remotely, it’s more important than ever to alert people of suspicious items and double check things you’re not certain of.
Of course, companies can purchase cyber insurance to mitigate some of these risks, but, right now, as many businesses transition to working from home, and many business owners face the grim reality of reduced operations or even closure, buying more insurance is not necessarily top of mind.
Lifshitz commented: “For the clients, it’s a mixed bag, and there are two forces in play. One is that they understand, because of what’s going on, that maybe they should strongly consider cyber insurance. At the same time, they’re busy right now with working from home, they still have a business to manage, and some of them are probably more concerned about their cash position.
“Cyber is one exposure for them to consider, but maybe that was bumped a few levels down because they’re more concerned about their cash position overall. So, I’d say that there are two forces pulling in opposite directions a little bit, and the jury’s still out in terms of what will happen. The answer is probably different for different timescales. The moment you’re transitioning to work from home, that’s not when you’re going to buy cyber insurance. Maybe you will sometime after that, or maybe not, depending on how your business is doing as a business and as this coronavirus situation evolves.”
