INF Blog

How Hackers are Exploiting COVID-19

14-07-2020 by Sooz Kinsella

A recent article in the Guardian has highlighted that criminals are seeking rich pickings as viewers stuck at home flock to TV streaming sites. Scammers are re-creating top TV streaming sites with fake details to hack personal data.

The spoof sites are collecting personal credit card details for financial gains. Both consumers and businesses are the targets for hackers looking for vulnerabilities in security and phishing scams.

Are home workers at a higher risk?

Safe behind the company network, employees are protected and often unaware of any attempts scammers make on a daily basis to infiltrate company data. The speed at which lockdown happened has meant some businesses have been left exposed by scenarios like:

  • An infected personal computer from a remote employee accesses a company network. The company network is now infected with whatever came from the personal computer
  • Home routers are left un-updated, unpatched and with default credentials; therefore ripe for exploitation
  • A lack of Multi-Factor Authentication puts networks at risk. While rare, it is possible to harvest credentials online, leaving an MFA-less network vulnerable to a threat actor with the correct passwords
  • Home Wi-Fi often doesn’t have the same defenses – think firewalls and anomaly detection monitoring – of corporate environments

Protecting all your devices

Covid-19 hacks aren’t just being used by criminals for financial gain. They’re also showing up in more insidious operations.

Mobile security firm Lookout published findings that a malicious Android application has been posing as a Covid-19 tracking map from Johns Hopkins University, but actually contains spyware connected to a surveillance operation against mobile users overseas.

At Turnkey, we only recommend tried and tested products to ensure your data is safe. That’s why we recommend ESET to provide the best possible security during COVID.  If you need advice on the following, get in touch.

  • Mobile Security Apps
  • Setting up secure VPN Access
  • Require multi-factor authentication (MFA)
  • Invest in full-featured endpoint security for home workers
  • Require encryption if employees will work on sensitive files

 

View more posts

UserPhoto

Post by Sooz Kinsella

Sooz has worked at the core of innovation in software technology for over 20 years. Her passion lies in delivering great customer journeys and automating processes.