Pandemic presents new cyber security challenges

24th April 2020


Russell Haworth

Russell Haworth
CEO (until March 2021)

A time of crisis brings out the best in many people, but sadly the worst in a few. Action Fraud warns that £2 million has already been lost to coronavirus-related fraud in the UK as cyber criminals take advantage of the current pandemic. The phrase ‘no honour among thieves’ springs to mind. And this is just one in a steady stream of headlines about the scams, attacks and campaigns launched by those hoping to make a quick buck off individuals, infrastructure and businesses.

Clearly, cyber space is another area of our lives in which we need to be taking more care today. As lockdown conditions have resulted in us conducting almost all aspects of our professional and personal lives via the internet, we need to put our security front and centre to keep ourselves, our data and our money safe.

This applies to individuals and businesses alike. At Nominet, as the registry for the .UK namespace and therefore critical national infrastructure, we are incredibly conscious of keeping our networks and servers secure and free from criminal activity. Our protective processes are the ones we do ordinarily of course, but we have been working with more focus over these past weeks to catch nefarious coronavirus-related activity. This includes monitoring new domain registrations for evidence that the site would be used for phishing to better protect the users of the .UK Domain.

We are also working hard to keep our staff safe online as we all now work from home, relying on one of the many platforms designed for remote working. Regardless of which one you are using, the mantra must be ‘user beware’. Recent reports have shown that criminals are trying to harvest Cisco WebEx credentials, for example, by sending out a security warning for the application. It seems these phishing attempts were launched rapidly following lockdown measures, by criminals eager to make money off those unfamiliar with the platforms they are now reliant on. Fortunately, our CISO keeps all staff aware of the current trends in threats and attacks, helping us all remain vigilant. We are also well-trained to never click on unfamiliar links in emails or download any software without express permission from the internal tech team.

The media also tells us that criminals have been hacking home and small office routers and, using DNS hijacking, redirecting any requests for websites to a DNS server that will connect users to fraudulent sites instead. Malware is then downloaded onto the user’s device for criminals to steal password details or cryptocurrency credentials. Experts believe that the hackers are simply guessing passwords, so it’s worthwhile to regularly change all the passwords you have for your home routers to keep your activity safe.

Are you using Zoom to keep in touch with your loved ones? Many of us are: the platform has added 22.2 million new users so far in 2020 – a serious jump from the 1.99 million new users in the whole of 2019. Unfortunately, the criminals immediately spotted a honey pot and have been hacking into accounts, using password details sourced from previous data breaches. These compromised accounts are sold online to facilitate ‘zoombombing’, a new style of trolling which involves dropping into calls to abuse participants or share violent content. Such activity likely drives a business’ decisions about which platforms to use for what communications – at Nominet, we have maintained use of our existing platforms but have others as designated back-ups for non-confidential communication.

Our behavioural changes are being taken advantage of when it comes to home entertainment services too. Recent statistics around phishing attempts from Check Point shows a tenth of all brand phishing attempts in the first three months of 2020 were posing as Apple, followed by Netflix.

In both cases, we can help ourselves by remaining cautious and alert. Keep passwords fresh and updated, and don’t click on a link in an email if the sender is unfamiliar or the correspondence is unexpected. Suspicion is your friend when it comes to online safety. And if anything unpleasant occurs to you during a Zoom call, or any other service, do contact the company to report it. It might help keep hundreds of others safe too.

Sadly, there is some criminal activity we can individually do little about. A report from INTERPOL warns of a rise in attempted ransomware attacks against hospitals worldwide. Criminals are trying to deny access to critical care services unless money is paid. It’s heart-breaking that, while our health services fight this virus and battle to save lives, criminals see only the opportunity for profit. Even worse is that it comes in spite of a promise (of sorts) made by the operators of the two most prevalent ransomware attacks to avoid targeting healthcare services during this time.

Thankfully, the tech industry is coming to the aid of those being targeted. Microsoft is working with healthcare organisations to protect them from ransomware attacks and other support is happening at a local level: for example, NHS Wales is to get free security services during the lockdown. At Nominet, we contribute in our own small way to protecting institutions via our Protective DNS service, which we run for Government to protect their internal networks as part of the NCSC’s Active Cyber Defence.

Above and beyond protection, there is the chance for proactive help from technology too. Not only has technology become a lifeline for most of us during lockdown, allowing us to continue to work, keep in touch, source entertainment and arrange for deliveries of food and medicines – it can also support the work of scientists trying to find a cure. Volunteers worldwide have been coming together to create a ‘supercomputer’, offering spare time on their personal computers to create a distributed network that is exploring the physical structure of proteins. This is a science that is believed will help researchers better understand the virus and therefore support the work to create suitable treatments.

As ever, technology provides both problems and solutions in our present circumstance. We must maximise the benefits and remain wary to the risks. And just as the basic precautions (washing your hands) are helping us beat the virus, the basics remain the best weapons we have against cyber criminals. Use complex, different passwords for each account; don’t click on links or open emails you don’t recognise; be suspicious of any requests for personal details; be cautious with what information you share across the internet, and put robust security settings on your accounts, devices and routers. Let’s make sure technology remains our friend and work hard to stop it becoming our foe.

Like this? Try these...