Cyberattacks have been a bane in the society for ages, but with the outbreak of COVID-19, there appears to be a spike in the rate of cyberattacks.
From HR dismissals emails to attacks disguised as delivery notifications, more cyber attack tricks have been devised to target individuals and organisations.
According to Kaspersky’s new spam and phishing report for Q2 2020, there were 2,2023,051 phishing attacks in Nigeria, South Africa, Kenya, Egypt, Rwanda and Ethiopia.
Unwary users are easily lured into entering their personal information into unsuspecting sites, making them to give away financial credentials or details of their social media accounts.
From these malicious activities, huge amount of money can get wired away or certain corporate network can get compromised.
These and many more are the long term effects of cybercrimes and in times like this, when some organisation appears to have gone virtual.
The rate of cyber attacks have spiked, because most organisations and even individuals became more susceptible during the intensity of the lockdown.
Kaspersky as a global cybersecurity company is constantly enhancing innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe.
Techbuild.africa had some discussions with Bethwel Opil, Enterprise Sales Manager at Kaspersky in Africa on the realities of cybersecurity since COVID-19.
According to Bethwel, Cybersecurity is the practice of defending computers and servers, mobile devices, electronic systems, networks, and data from malicious attacks. It focuses on providing the best protection for digital technologies in the face of evolving threats.
Cybersecurity relies on cryptographic protocols used to encrypt emails, files, and other critical data.
This not only protects information that gets transmitted but also guards against loss or theft. Furthermore, electronic security protocols are used to provide malware detection in real-time.
Kaspersky on Phishing attacks
Bethwel commented that phishing is a significant threat to consumers and businesses alike in the digital age and is one of the most flexible types of ‘social engineering’ attacks, as it can get disguised in many ways and used for different purposes.
Not only do victims risk identity theft but can unknowingly allow an attacker to load viruses and other malware on to their infected devices.
In the worst-case scenarios, users could even get charged with crimes they were not aware of helping the scammer commit – such as getting involved in money laundering.
“At Kaspersky, we are not only dedicated to protecting against these attacks with our solutions, but we also focus on providing advice and tips to devices users on how to go about avoiding falling victim to such attacks in the evolving digital world.”, Bethwel said
By implementing a proper Internet security protection suite, consumers and businesses can greatly reduce the dangers of phishing emails by ensuring they are filtered away from the inbox and other important email folders.
Many of these solutions provide specific protection for phishing which can help in cases when an email appears to be legitimate but is not.
Since these emails often ask for bank and other financial credentials, protection against phishing is a vital feature in any anti-spam tool.
“When looking for anti-spam and phishing software, it pays to pick a solution that gets bundled with anti-virus protection because some spam messages come laden with viruses and other malware.
By using a single software suite, users can simplify the process of securing a device while also improving the reliability of their system.”, Bethwel added
Kaspersky’s role in ensuring cybersecurity in this COVID-19
By the end of March 2020, Kaspersky announced the free availability of its core endpoint security products for medical organisations to help them stay protected from cyber threats during the pandemic.
The full list of products available for free for six-months included Kaspersky Endpoint Security Cloud Plus, Kaspersky Security for Microsoft Office 365, Kaspersky Endpoint Security for Business Advanced, and Kaspersky Hybrid Cloud Security.
Kaspersky also published a COVID-19 survival guide designed to educate users on how to mitigate the risk of them falling prey to the number of scams and cyberattacks out there.
The resultant lockdown conditions in many countries saw people stuck at home relying on digital technologies to continue work, school, shopping, and get entertained.
“As part of this education awareness, Kaspersky introduced a free online module providing work from home security guidelines to ensure remote workers do not endanger their businesses.
This online training solution takes approximately 30 minutes to complete and uses an adapting approach, so it remains personal, engaging, and ensures skills retention.”, he added
New waves of cyberattacks
According to Bethwel, there are a myriad of new COVID-19 scams and cyberattacks taking place as hackers look to exploit the current uncertainty around the world for their own financial gain.
“Some of the more popular forms of attack include the rise of fake pandemic map Web sites that attempt to steal sensitive data. These may look professional and even be well-designed.
They could feature real-time data and relevant links to useful content to make them seem authoritative.
However, these fake sites likely entice users to download an app, claiming to contain breaking news and other relevant COVID-19 information.
Behind-the-scenes, hackers are using these apps to steal sensitive data from the infected device.”, Bethwel stressed
Bethwel affirmed that in addition to the increase in COVID-19 phishing emails containing infected attachments or links to sites that attempt to install spyware and other malware, there has also been a rise in fake online shops and services claiming to sell essential COVID-19 products.
These attacks are targeting shoppers via email or through ads on social media platforms such as Facebook.
They typically focus on medical products such as hand sanitiser, face masks, and disposable gloves and sell them at greatly discounted rates.
But once payment gets completed, the products will either not show up or will be of much lower quality than the promise made.
The seller will often disappear soon after the purchase gets made, making them impossible to contact and difficult to trace.
Kaspersky’s advice to parents on their kid’s safety online
Taking a cue from Nigeria, according to the “Responsible Digital Parenting” survey, 56% of Nigerian children have their own smartphone or tablet.
Among such a big number, many of these children were 2-6 years old when they first got their own device.
Nevertheless, 31% of Nigerian parents have not discussed safety rules on the Internet with their child, which means that the children are not always aware of how to behave themselves safely online.
Access management is critical in this regard. This takes two broad forms. Firstly, parental control software such as Kaspersky Safe Kids gives parents the ability to manage the time their children spend online.
And then you have antivirus software program such as Kaspersky Anti-Virus that helps them deal with issues such as spyware and viruses from Web sites children may unwittingly visit.
A high-quality parental control solution makes it easy to set up restrictions for each user.
For example, user rights for a 16-year old teen could be quite different than that of the privileges of a 13-year old.
“It is still the parents’ responsibility to teach their children about the risks of online activity.
This can include not talking to strangers online especially when it comes to chat rooms, private messages, and comment threads.
Children must also be taught how to block and report online bullies. Most gaming and social media sites have user-friendly tools to do so. Most importantly, children must be aware that anything shared on the Internet is there forever.
Nothing can ever truly get deleted from the Internet. They must therefore be careful of what they say and what photographs they distribute.”, Bethwel commented
Kaspersky’s advice to individuals and SMEs on cybersecurity
- Do not open suspicious emails or click on suspicious links that promise exclusive Covid-19 content.
- Check file extensions of downloaded files. For example, documents and video files do not use the .EXE file format.
- Do not purchase products from unknown or irreputable sources. Do not purchase products from people you do not know and who approach you directly.
- Only obtain information from official, trustworthy sources.
- Protect yourself by ensuring you have reputable antivirus and Internet security installed on all your devices.
- Update your program and operating system with all the latest patches.
- Configure your home Wi-Fi connection to get encrypted to keep your information safe.
- Use business services for e-mail, messaging, and work-related projects.
Post-pandemic, what is the future of cybersecurity measures against cyberattacks?
The future of cybersecurity measures cannot get built based on fear. Eugene Kaspersky was quoted as saying that “the concept of cybersecurity will soon become obsolete, and cyber immunity will take its place.”
Cyber immunity is a great term to explain Kaspersky’s vision of a safer future.
In real life, a company’s immune system is never perfect, and viruses or other malignant microbiological objects still find ways to fool it, or even to attack the immune system itself.
However, immune systems share an important trait: they learn and adapt. They can be “educated” through vaccination about possible dangers. In times of peril, we can assist them with ready-made antibodies.
But using hardcore antibiotics makes sense only when the infection has already clawed its way in. It would therefore be better if the immune system can stop the infection before it takes hold.
“As with biological vaccination, Kaspersky expects the cyber immunity concept to get met with scepticism. But in this regard, trust in cybersecurity becomes of paramount importance.
To this end, Kaspersky believes that simply giving its word is not enough. If a cybersecurity firm’s clients want to see software’s security and integrity, they have every right to demand it – in the form of source code.
We make that available, and all clients need is a pair of attentive eyes and a PC to analyse how things work.
And just as you may seek consultations from various doctors, having a trusted third party view the code as well makes sense”, Bethwel concluded
Featured Image: Bethwel Opil, Enterprise Sales Manager, Kaspersky, Africa
Don’t miss important articles during the week. Subscribe to cfamedia weekly digest for updates.