The coronavirus is wreaking havoc on everything in our lives. It’s hard to find something that hasn’t been impacted in a major way as we attempt to limit the spread of the virus. Cloud security professionals should pay close attention to how our online needs are rapidly changing — these new adjustments are more than just necessary to make things work in the interim. The workarounds to keep our lives as normal as possible could permanently define the way we work, study, and do business from here on out.
We at Nightfall put together a list of eight ways COVID-19 is making an impact on common things we use and interact with every day. A main takeaway should be that none of these are new problems, just that COVID-19 is shining a light on them. And in most cases, making these problems even worse.
- Schools are struggling to adapt to remote instruction and facing vulnerabilities brought on by COVID-19
The issue: School districts in the United States typically face big challenges with cybersecurity and protecting student data. This is often due to a lack of funding and/or allocated resources for an IT team to keep up with the district’s security needs. Accidental sources of data leaks like misconfigured systems or unsecured third- and fourth-party vendors leave school districts at high risk of security breaches in school districts.
Wired Magazine reported on how the pandemic is amplifying these risks with the massive rush to transition to distance learning in the spring. Suddenly, millions of teachers and students relied on video chat software, lesson portals, digital message boards, and other online tools. The goal is to retain education continuity for students, but security is often an afterthought in the haste to get virtual learning resources online.
Impact on cloud security: Many of the most popular online education resources, like Zoom, can easily become an attack vector without proper authentication and controls setup. Remote tools like VPNs that connect students to teachers and resources are also high-risk. At the end of June, the Federal Bureau of Investigation issued a security alert about the threat of ransomware to schools amidst the COVID-19 crisis. “K-12 institutions have limited resources to dedicate to network defence, leaving them vulnerable to cyber attacks,” the FBI warned, according to a ZDNet report.
In the month of June alone, Wired reported more than 4.7 million malware incidents were detected in the education industry broadly worldwide, according to Microsoft’s Global Threat Activity tracker — more than 60% of all the corporate and institutional malware incidents reported during that time.
As schools across the world gear up to get back to learning in the fall, it’s clear that cybersecurity should be a top priority to ensure data safety for students and business continuity for the educational institutions.
- Social engineering hacks are increasing by feeding on the fear of the virus and misinformation
The issue: Social engineering hacks have always been a thorn in the side of IT departments. During times of crisis, users will rush to resources to stay informed and connected. COVID-19 has created the perfect environment for scams: the increased demand for accurate information on health and safety and government mandates has led to the explosion of misinformation about the outbreak, often coming from websites that spread malware or from other unsecured resources.
Everyone is more dependent on the Internet now — and many of the most used platforms and apps operate in the cloud. Users face challenges almost every day, with increased DDoS attacks on public-sector websites, phishing attempts, and other threats cloaked as legitimate COVID-19 information. It’s getting harder to separate the noise from the truth. Global crises like COVID-19 easily dismantle cybersecurity standards because they put a tremendous strain on resources and increase stress and anxiety among the end users. When defences are down, social engineering attacks go up.
Impact on cloud security: InfoWorld reported that cyber attacks have spiked during the first half of 2020. The FBI noted that as of 28 May, it had received nearly the same number of complaints for this calendar year as for all of 2019. Social distancing is highly encouraged to help stop the spread of the virus. As we remain apart, we seek out more ways to stay connected. Increasingly, this means we’re communicating in the cloud — and the cloud isn’t the safest place by default. Protecting personally identifiable information (PII) is essential. IT teams must find ways to balance access to cloud systems and apps with strong security measures.
- SMBs are increased risk of compromising their cloud systems with COVID-19
The issue: Small and medium-sized businesses (SMBs) typically struggle with huge technical debt, especially when it comes to cybersecurity. Running a small business means every penny counts. In many budgets, tech and cybersecurity don’t have a line item. Security Magazine reported that in December 2019, 64% of small businesses said they were planning to devote more resources to cybersecurity in 2020. But in the wake of COVID-19 and the economic downturn, these planned improvements are likely to be deprioritised.
Impact on cloud security: The report in Security Magazine polled 383 SMB owners and managers and found that 15% experienced a major security event in 2019:
- 7% were hacked
- 5% dealt with a virus
- 3% suffered a data breach
SMBs moving their operations online means they bring their cybersecurity threats with them. All their attack vectors can quickly become vectors for other users if they connect to cloud apps. A strained budget that can’t support proper cloud security measures puts everyone in danger. It’s a difficult balance for SMBs who are seeking to keep their businesses afloat.
- Tracking apps rushed to market pose high risk of getting hacked
The issue: One solution to reintegrating employees back into offices and other workplaces is contact tracing apps. It’s one way to track who an infected person may have had contact with, and thus reduce the risk of spreading infection into the workplace. The problem with these apps is that they’re relatively new and have been rushed to market, leaving them open to hacks and other data leaks.
The lack of security oversight was exposed in May, when the state of North Dakota conceded that its smartphone app, Care19, had been sending users’ location data to the digital marketing service Foursquare. Qatar’s national COVID-19 tracking app had a flaw with the most dire potential consequences: it would have allowed hackers to obtain sensitive information on more than one million users, including their names, national IDs, health status, and location data.
Impact on cloud security: The big hurry to push the apps to market led to these and many other problems. After an app in the Netherlands exposed about 200 people’s names, email addresses and encrypted passwords, one of its co-developers said the breach was due to a rush to publicly release the app’s code.
“The speed and scale transitioned at such a rate that they didn’t really consider security in the beginning,” said Kelvin Coleman, executive director of the National Cyber Security Alliance. “It was a topic for them, but not top of mind.”
- COVID-19 is straining healthcare budgets and IT resources
The issue: Coronavirus is surging across the US, with more cases confirmed and more hospitalisations reported every day. Healthcare resources everywhere are being pushed to the limit, from available hospital beds to a lack of personal protective equipment for medical professionals. As with the other industries and sectors on this list impacted by COVID-19, healthcare IT is also facing strained budgets and resources, leaving these IT departments at higher risk of a breach or cyber attack.
Healthcare Finance News cited a Department of Health and Human Services report from June on the increase in cybersecurity breaches in hospitals and healthcare providers’ networks which may be due to COVID-19. Between the months of February and May of this year, there have been 132 reported breaches, according to the HHS. This is an almost 50% increase in reported breaches during the same time last year.
Impact on cloud security: A lack of security oversight and rushed cloud adoption is the main contributor to the increased risk. Remote healthcare relies on apps and portals, which may not be up to required security standards. Data leaks and other vulnerabilities can spill massive amounts of protected health information (PHI) outside the organisation. Temporary medical facilities are essential in the fight against COVID-19, but these were created with patient care and treatment in mind. Cybersecurity was not part of the plan in the coronavirus response. Any unsecured access point in the healthcare chain can have devastating security impact.
“The healthcare industry has, in the past few years, been one of the most targeted industries for cybercriminals. So it’s only natural that at a time of crisis, we are seeing more and more attacks on the healthcare industry,” said Natali Tshuva, CEO and cofounder of Sternum, an IoT cybersecurity company that provides medical device manufacturers with built-in security solutions.
- Remote work puts more cybersecurity responsibility on end users
The issue: Working from home has become the new norm for many, especially in the tech industry. This shift to remote work was borne out of necessity to slow the spread of COVID-19, but the reported increase in productivity among workers and potential reduced operating costs for organisations may extend these privileges well beyond the pandemic.
Unfortunately, current work from home policies don’t always include tight security controls for ender users. Security Magazine reports 56% of employees are using their personal computers as their company’s go remote in response to COVID-19, and nearly 25% of employees working from home don’t know what security protocols are in place on their device.
Impact on cloud security: More organisations are turning to chat and collaboration apps like Slack and Microsoft Teams. According to the Security Magazine report, 20% of workers said their IT team had not provided any tips as they shifted to working from home, and workers acknowledged they were the least cautious in using these types of services.
The onus is to keep data and systems secure has shifted to the end user, but without proper security tools in place, the integrity of entire cloud systems is at risk. Remote workers need support from their IT departments to make security a priority every day.
- COVID-19 increases security risks for the fintech industry
The issue: The healthcare industry, fintech is suffering increased security risks from COVID-19. Reduced budgets and staffing due to the economic downturn have stretched the capacity of IT teams in this industry, with a 238% surge in cyber attacks against banks, new research claims since the pandemic began.
According to the third edition of the Modern Bank Heists report from VMware Carbon Black, which includes input from 25 CIOS at major financial institutions, 80% of firms have experienced more cyber attacks over the past 12 months, an increase of 13% year-over-year.
Impact on cloud security: The Modern Bank Heists report shows that 27% of all cyber attacks target either banks or the healthcare sector. These industries share a lot of the same indicators: similar detectors (PII data is used in both), strict government and industry regulations (like HIPAA or GLBA), and massive stakes in a cybersecurity breach.
Leaked bank or health records can lead to massive exposure liability for an organisation. As more systems are being backed up in the cloud, fintech companies must strengthen their data controls to prevent business-critical PII from improper access and exposure.
- Incredibly high demand for online shopping strains e-commerce and shipping security
The issue: Shipping for e-commerce orders is impacted due to increasingly high demand of online orders. It’s safer for our health to stay home and shop on our computers and mobile devices — but how does this shift impact cybersecurity?
For shipping providers and e-commerce businesses, the goal is to sell more items and ship more packages, all at a faster rate. Security takes a backseat to the goals that drive revenue for these companies. The pandemic has upended global delivery systems as countries close their borders and companies reduce their workforces. Estimates from Facteus say consumer spending on Amazon is up 35% compared with last year.
Impact on cloud security: COVID-19 has touched e-commerce cybersecurity as well. The increase in delivery demand has allowed phishing emails scams to thrive. As customers turn to more websites to fill their need for groceries, medication, and other essentials, they put more of their data out into the world. A well-meaning employee could be using their cloud-connected work computer or device to place an online order, unaware of the possible data exfiltration danger lurking on untrusted sites. All it takes it one order on an unsecured site for sensitive data to be exposed.
Curtailing COVID-19 cybersecurity challenges
Maintaining business and security continuity during a global pandemic is a tough task. Many of us are already taxed and tired from the everyday stress of dealing with uncertain times. Cybersecurity should be a priority for all teams, in all industries. By relying on automated DLP solutions like Nightfall, your organisation can relieve some of the pressure of keeping data safe. More focus on security is just good business sense.
Nightfall is the industry’s first cloud-native DLP platform that discovers, classifies, and protects data via machine learning. Nightfall is designed to work with popular SaaS applications like Slack & GitHub as well as IaaS platforms like AWS. Schedule a demo with them to see their platform in action.