In 2020, as the world adjusted to life in a pandemic, the double-edged sword of cyberspace became clearer than ever. On the one hand, it has provided a lifeline in challenging, uncertain times of lockdowns and social distancing, by giving people the flexibility to work from home, enabling them to stay in touch with colleagues, friends and family online, and reducing disruption to businesses. On the other hand, the world has undeniably fallen victim to a ‘cyber pandemic’ alongside Corona, with this heightened connectivity between people, processes and technology serving as a collective ‘Trojan horse’ for cybercriminals.
From ransomware to data breaches, election security to unemployment fraud, organizations around the world, public and private, have found themselves faced by major cybersecurity challenges, both new and accelerated. The scams and schemes have become ever more creative; one cyberattack involved hackers posing as representatives of international companies, complete with fake LinkedIn posts, contacting personnel in the Israeli defense industry with tempting job offers, hoping to infiltrate the employees’ computers to access sensitive data.
Even technology and security experts struggled to keep up.
Meanwhile, as governments expand their domestic surveillance capabilities in an attempt to track Corona, experts warn that our private data may soon be available not only to security agencies, but to private companies and even cybercriminals And so, it seems we are poised on the verge of third world war; a war fought in cyberspace in which governments, businesses and even individuals are targeted by cyber attackers, with catastrophic results.
Digital automation, artificial intelligence (AI), Internet of Things (IoT), 5G, the cloud, video conferencing services… the list of hot technological advancements goes on. Each brings with it incredible advantages, but also increases the potential attack surface and opportunities for vulnerabilities to be exploited.
Unwitting employees or even students working from home are often the easiest access point for a malfeasant, simply by reusing passwords, or letting family members use corporate devices.
There has even been talk of nation states planning cyberattacks and espionage against the West, including a warning by the UK’s National Cyber Security Centre (NCSC) and allies that Russian threat group APT29 was trying to steal information about a COVID-19 vaccine under development in the UK, US and Canada.
This isn’t all new. In recent years, systems – including critical national infrastructure and utilities – have been increasingly connected to the internet. The potential for extensive damage is real, and very enticing for hackers and hostile nations. You may recall the WannaCry crypto worm which in 2017 brought systems to their knees with its ransomware attack. The UK’s National Health Service was one victim, incurring £92 million worth of damage in terms of lost output and IT costs, with 19,000 appointments cancelled after the virus locked down computers in 80 severely-affected trusts.
Preparation is key to averting all out cyber war. Individuals need to be educated and trained into a culture of cyber awareness, both at home and at work. Companies, governments and medical facilities need to have in place an incident response strategy, laying out specific steps to be followed in the event of a cyberattack.
In short, it’s time to take matters into your own hands – and we’re here to help! CYBERGYM