How COVID-19 Is Leaving Data at Risk
COVID-19 has drastically reshaped everyday life, causing people to reassess their priorities and adjust to spending substantially more time. As the world grapples with the coronavirus pandemic, the risk to global data may go up. Here are a few reasons why the coronavirus could erode data protections.
Coronavirus Scams Could Seize or Lock Down User Data
Scammers often prey on the public’s desperation to achieve their aims. For example, the U.S. government warns that scammers frequently insert links that redirect to malicious websites when composing emails to hurricane disaster victims. The message body might ask someone to click on a link to make an insurance claim or request disaster relief, then take that person to a site that infects their computer with malware that compromises data.
Coronavirus-related versions of this scam are already cropping up. Cybersecurity researchers examined an Android app that promised to help users get face masks. They found that it took the contacts data from people’s phones and sent them text messages, urging them to download the app, too. The main problem is that the content contains a link with a trojan virus.
The same research team also referred to a different COVID-19 app that claimed to tell a user if someone nearby contracted the virus. It only installed ransomware on a person’s device.
People May Sacrifice Privacy While Working From Home
With many workers around the world forced to stay home, they have no choice but to conduct business remotely through platforms such as Zoom. Getting stuff done this way is still a novel idea for many users. Some of them post screenshots of their Zoom meetings, showing social media followers how they’re staying productive throughout the social media crisis.
For example, British Prime Minister Boris Johnson published such an image of a Zoom chat with cabinet members. It showed the Zoom meeting ID in the corner of the screen, which curious members of the public tried to use to access the meetings. Password protection prevented them from getting in, but security experts pointed out that some usernames shown in the screenshot may compromise the privacy of some meeting attendees.
Everyone at an organization has a responsibility to protect its information systems and data confidentiality. That remains true even if a worker is at home in their pajamas. Staying productive in a new environment may make people forget to take the same precautions they would at their offices when handling confidential data. If they do, private information could unintentionally leak.
The Coronavirus Crisis Delayed Cybersecurity Audits
The coronavirus is forcing companies everywhere to shift their workloads. Sometimes, though, that makes cybersecurity take a backseat. The United Kingdom’s National Health Service (NHS) announced a six-month delay in its security audits.
The organization, and others related to health and care, must ordinarily go through an annual checklist to gauge their current cybersecurity level. But, the NHS will hold off on doing so for months, redirecting resources to prepare for a COVID-19 peak. They did so despite an early warning from an NHS executive who expressed concern about cybercriminals exploiting the coronavirus chaos.
Cybersecurity Teams May Not Respond to Data Breaches as Quickly or Effectively
Cybersecurity professionals are typically among the people who must work from home during the coronavirus pandemic. Thus, they may have difficulty monitoring a company network from afar and find it’s much more challenging to thwart attacks.
Marriott recently suffered another massive data breach. It impacted about 5.2 million people, and the hotel chain reportedly discovered the matter at the end of February. It’s also now furloughing workers due to the business impact of the coronavirus.
The brand did not cite COVID-19 as a contributing factor to the breach. It’s worth remembering, though, that hackers love to capitalize on weakness. The event is Marriott’s second massive breach in as many years. Also, Marriott operates around the world. By the time it found the problem, the company was almost certainly already feeling the effects of a substantial travel downturn that led to fewer bookings at its properties.
Hackers may have seen Marriott as an easy target, even without considering the effects of the coronavirus. If they also realized that many cybersecurity professionals are working from home, they could have also assumed that such a situation would make any attacks harder to attack or mean that teams take longer to resolve them.
No Time for Complacency
The examples here show why cybercriminals may view the coronavirus outbreak with glee, knowing it makes it easier to orchestrate successful network infiltrations. However, anyone who handles information must remain vigilant and understand the new data-related risks that COVID-19 brings.