We are living in times of global uncertainty, with unprecedented levels of disruption to daily routine, travel, social interaction and business due to the Coronavirus (Covid-19).
Many countries have travel restrictions in place, not just at national borders but also within domestic regions and cities; the effect is to restrict all but the most essential forms of movement. Many schools and colleges have closed and are moving to distance / online learning, social events are cancelled and face-to-face interactions curtailed. Businesses are operating work-from-home policies and have aggressively moved client and staff meetings to online mediums.
So why should this affect digital security? For a number of reasons.
People turn to digital means to continue their daily lives when movement is restricted: online social interactions, purchasing of goods, entertaining themselves, etc. People are now ‘online’ for longer, and those who may not have been online before are getting connected, in many cases using unfamiliar new services. This is reflected in the demands placed on communications networks (UK Providers see surge in usage, AT&T mobile volumes up 40%).
An increase in the number of people online and the time they spend online, coupled with digital inexperience, presents a significant opportunity for attackers to exploit through phishing, malware and fraud related to Covid-19, such as ‘snake oil remedies’.
The business sector is not immune and has rapidly adopted or expanded digital distance working, not only with clients but also amongst staff as many physical offices close. As in the domestic situation, businesses may not be used to distance working and may be procuring and using tools that they are not familiar with. Enterprise technical support is also rapidly evolving to meet the new demands, in many cases incorporating significant changes to procedures for business continuity reasons.
The attack surface has expanded: more time spent exposed, digital inexperience, procurement of new and unfamiliar tools, changes to operating controls, and distance from support chains all present multiple attractive opportunities for attackers, and the security community is seeing a rise in attacks (WHO Targeted).
Covid-19 and the surrounding digital and social changes also affect the attackers. There has been a significant rise in attacks, in part due to the widening of the attack surface – ‘The opportunity to exploit’ – but also due to who the attackers are – ‘The ability to exploit’. Attackers who were at school no longer are and have significant amounts of time on their hands, attackers with regular 9-5 jobs now have the flexibility and opportunity to practice their ‘alternative lifestyle’, etc.
Fortunately there are many defences to the rise in attacks; the most effective is, of course, education. Raising awareness of the situation and continuing to reinforce good digital hygiene will pay dividends. Many authorities, governments and companies are already moving to educate and inform. For the business sector, care should be taken when changing business processes to ensure that they remain secure, e.g. authority chains and methods, such as who can sign things off and how, to prevent whaling, etc. For friends and families, the ‘digital natives’ should help the ‘digital naïve’ not only in the setup and use of any new tools but also to recognise what is a scam, what are the signs of trust, etc. For the security sector and service providers, share intelligence with each other and point out / shut down attacks as and when they are detected.
Covid-19 is affecting the global population and is having an impact on digital security, but just as the defence to Covid-19 is a human response, so is the response to the digital impact.