The pandemic is a racecourse for many a Trojan horse
As the number of COVID-19 cases continue to increase, the dependency on digital technologies and remote working is intensifying and business as well as social interactions are confined to video calls, and other chat applications. Such newfound dependency on digital has only broadened the surface for cyberattacks and related risks, which can potentially deprive individuals and enterprises access to their devices, data or even the internet. It’s no surprise that some of the conferencing apps with the highest usage during this time, have been the target of cybercriminals. An associated question being raised is also around data handling and data privacy as a whole lot of personal information and call data and logs – that are subject to privacy norms – are moving through these platforms.
Just a couple of weeks ago, more than 2,000 Israeli websites were defaced with an anti-Israeli video and a code that asked for permission to use visitors’ webcams. In some cases, the code attempted to take a picture of the user and send it to a remote server too. When the pandemic staring picking up steam in India, the district administrator’s office in Pathanamthitta, Kerala, was also prey to cyber attackers who came with a single intention – to disrupt information flow and operations. We also witnessed state sponsored hackers who were using this opportune time to infect their targets – Chinese, North Korean, and Russian government cyber spies were caught using COVID-19-themed emails to infect victims with malware.
As cybercriminals leverage the disruption brought about by this pandemic, a recent report concluded that the total cloud-based cyberattacks on Indian companies rose by 630% between January to April 2020. As such, it is extremely important for organisations to grasp the need for enhanced security strategies. CISOs need to become cybersecurity enablers. At the same time, CISOs will also have to dig into the fundamentals of security and focus on three key areas – a cross-functional and collaborative team, deployment of right monitoring solutions to identify COVID-19 related phishing and malware attacks and sticking to trusted partners and vendors to support their current needs.
Pandemic as a smokescreen
The pandemic has had an immediate effect on businesses who are now facing myriads of operational challenges. They are being forced to embrace new digital solutions and rapidly migrate to interconnected technology platforms to ensure businesses continuity and minimise economic impact and cybercriminals around the world are capitalizing on this.
While we see a global spike in the cyberattacks, phishing attempts in India have gone up by 667%. The latest and widely reported threat vector, which uses COVID-19 themes for phishing or malware attacks, highlights the evident change in the nature of threats, as attackers exploit catastrophes and human anxiety to obtain credentials and deliver malicious payloads.
Multi-layered security architecture
Although cyberattacks are not novel to the world and cyber security has been stirring conversations for the last few years, organisations now need to relook at their security framework and deploy a comprehensive, multi-layer information security strategy that includes Confidentiality, Integrity and Availability (CIA).
Further, as businesses focus on service continuity, Availability, which is one the key pillars of the CIA strategy, has emerged as a vital factor. The foundation of service availability and its technology architecture must rest on internal teams as well as long-standing and trusted external partnerships with service providers. This is most critical during these times, when a number of enterprises have nearly their complete workforce working from home.
Followed by Confidentiality, which is imperative as many CISOs are now battling a sense of lowered security with businesses operating remotely from public networks. This is where the balancing act of a CISO to facilitate different accesses, whilst carefully assessing security and risks to both; employees and organisations will become crucial and take centre-stage.
Integrity, meanwhile, is a crucial supporting pillar for digital business, as there needs to be trust around the data, use and transaction flow for digital business to be executed. Hence, Integrity can help stitch together data protection, monitoring changes and privileged access to facilitate business continuity in the COVID-19 environment. A robust security architecture supported by tools such as traffic and email monitoring, filtering and blacklisting solutions, device profiling and user behaviour analysis solutions can surely help in pinpointing any compromised users or machines.
Governance and cross-functional collaboration
As the management and IT teams reassess the risk to their data and organisations consider their response, the CIO and CISO must focus on developing and maintaining visibility across a very extended and transient IT landscape. They also need to adjust the necessary equipment supply and remote access to the organisations network to ensure that the organisation can sail through the huge, unexpected surge in demand for remote-working capacity.
However, it’s equally vital for various parts of the organisation, such as safety, security and risk management, to come together and make sure that the organisation continues to function seamlessly. And the CISO is a crucial pivot in the business continuity strategy for enterprises to facilitate this.
CISOs are central to contingency strategies
With technology mediating every single interaction in the business sphere, globally and locally, the CIOs and CISOs have emerged as the key players in conceptualizing and executing large-scale crisis response plans effectively, thereby playing a central role in the ongoing pandemic, ensuring economic outcomes do not suffer beyond repair. CISOs need to orchestrate various access channels and evaluate them against the organisation’s security and risk management posture to realise organisational stability.
If one thing is certain in these uncertain times, it is that what may be secure today may not essentially be safe tomorrow. With Covid-19 disrupting civilians and businesses alike, CISOs will become indispensable, especially when it comes to managing enterprise risk and articulating security priorities.
Use trusted partners
In the current situation, the need for a rapid response to Covid-19 and with millions of people working remotely, the cloud has undoubtedly emerged as the single unifying thread. However, considering the lack of return on investment on buying infrastructure for short-term requirements, a trusted partner who can deploy and manage expert solutions from virtual infrastructure can help meet the immediate needs.
Additionally, in times of force majeure, being flexible on Service Level Agreements and the norms can help reduce disputes.
Avinash Prasad is the Vice President and Head for Managed Security Services and Content Delivery Network at Tata Communications