Cyber Crime “Gold Rush” in Covid-19 Era

On Sunday, November 29th, Chief Executive Carrie Lam announced that all schools in Hong Kong would be suspending in-person learning immediately and that classes would not resume on an in-person basis until, at least, 2021. It is clear, at this point, that the fourth wave of the virus is firmly impacting the city.

Restaurants are once again limiting their operations, businesses are starting to consider continuing work-from-home arrangements, and the normality which was briefly realized between the waves of infection is starting to be stressed. While the issue of Covid-19 is well understood at this point, and the need for social distancing, isolation, and facemasks (as directed by medical professionals) is unquestioned, the pandemic presents a far greater range of risks than those merely related to healthcare, health and wellbeing.

One of the most concerning areas for fallout which we have seen is in relation to the internet and cybercrimes. While Cyber Insurance was a secondary purchase at the start of the year (if considered at all) and this situation has not fundamentally changed the way in which businesses and individuals consider digital insurance protection, it should be a fundamental component of a comprehensive risk management strategy.

The Internet is still the Wild West

Despite the best-efforts Governments and Transnational regulatory organizations, the internet is still very much the wild, wild west. From the surface level that we touch every day with our emails and connected devices through to the lower and mysterious portions of the dark web, there is an awful lot that can and will go wrong.

A common joke on a website like Reddit is to say “Hello” to the various and supposed monitoring entities that are watching your online behavior. While this is a meme within that specific community, the premise is not wrong. In fact, any time you’re online you should be assuming that your activities are being monitored. Whether this is by law enforcement or a government agency, or the monitoring is being undertaken by a more nefarious organization, your metadata – the information which identifies you as being you on the internet – has likely been exposed due to your use of the internet.

This is a concern in and of itself, but on the back of the change in digital behavior caused by Covid-19 for both individuals and businesses this exposure is the least of our worries.

With the move to social distance and isolate, many people and businesses have made the decision to work remotely in 2020. This increased the number of remote computing devices, and reliance on the cloud. However, if devices are not secured properly the utility of remote work is potentially crippling to an organization. According to a WebRoot study earlier this year, roughly 40 percent of new remote desktops were left unsecured.

With new devices to target, and with those devices being open to manipulation, the number of attacks focusing on Remote Desktops increased by almost 400 percent in March and April of this year. Leading Anti-Virus firm Kaspersky has issued the alarm over the brute force attacks being perpetrated by criminals around the world.

But it is not just brute force issues we’re facing; email is still a problem. With users almost three times more likely to fall victim to a pandemic phishing scam than they normally would be, and with scam email relating to the Covid-19 pandemic surging over 650 percent this year, its not hard to see that there is a major problem that is going overlooked.

In August of 2020, InterPol reported that global cyber-crime events were growing at an alarming rate during the pandemic. The decentralized, remote, work-from-home situation caused by the Covid-19 Coronavirus pandemic worldwide has created an environment rife for opportunity in the eyes of cyber-criminals. Although the attacks themselves are vastly the same as their pre-Covid iterations the fact that Covid-19 is a clear and present danger has made it vastly easier for criminals to successfully perpetrate an attack on their victims.

Cyber Crimes come in many different forms

The existence of Covid-19 has enabled cyber criminals to put a much more urgent and critical spin on their attacks. This urgency, and the need for information in the face of an international health crisis has created a perfect storm; the traditional attacks have been updated and made far more dangerous in light of this.

Malicious Domain Attacks

Cyber criminals are taking advantage of the international desire for news around Covid-19 and are creating websites that take advantage of Search Engine Optimization and Marketing to target individuals looking for information. Once on the website the user is exposed to Malware/Viruses, Phishing Scams, and C2 servers. Malicious domain registrations have increased by 560 percent this year, and website phishing and malware events have increased by over 700 percent.

Malware and Ransomware

Ransomware attacks, whereby an attacker takes control of a computing device and locks the owner out until a ransom has been paid, have spiked in the last 6 months. Ransomware is generally a targeted crime of opportunity, and the recent attacks have been hitting organizations perceived to have no other choice but pay the ransom. These include Hospitals, Medical Doctors, and Government Agencies. Ransomware attackers often have a sophisticated understanding of their victims and will normally know exactly how much they can ask for, and how much the victim can afford.

Email and Phishing Scams

Unsurprisingly, cyber criminals have increased their usage of email and the corresponding phishing and attachment attacks in light of Covid-19. Impersonating either a business partner, law enforcement, or even the government, attackers are able to get victims to either give away their personal information or download a piece of malware onto their computer. It is important to remember that not all phishing attacks take place entirely on the internet or via email, and that there may be a social engineering component at play.

Data Harvesting

Using Covid-19 as a lure, criminals are able to make use of all the above mentioned attack vectors to deploy programs onto their victim’s computers and networks. In the case of a business this may mean the loss of vital information, leading to lost revenues or customers. It could also be as simple as the criminal getting access to your banking details and siphoning your network. Sometimes the criminal may want to make your computer a zombie in a botnet and use it to attack other parties.

Cyber Crime is real; you need all the protection you can get

Unfortunately, the situation we find ourselves in will only get worse. The paradigm has shifted and the pre-pandemic assumptions once held about the world may not, in fact, be entirely true. Across the fortune 500 and within our own Hong Kong SME community the conveniences and ease-of-access presented by remote a cloud-based workforce is proving to be not entirely unattractive.

However, there are pitfalls here and, as should be immediately obvious based on the case we have presented above, there is no small amount of risk and exposure. Moving to a fully digital business environment would mean that there is no need to purchase office contents insurance (if you have no office, there will be no contents). We have discussed, writ large, the dilemmas of home vs work identification in relation to business insurance; and while that is a separate topic, the move into employee’s homes holds, arguably, greater risk than having that employee work out of your office.

Cyber Insurance products are historically the least purchased in the Hong Kong Professional and Financial Insurance market. There has, up to this point in time, been a perception that Cyber Insurance isn’t necessarily a major component in a company’s risk management toolset. This has in turn lead to a woeful underutilization of cyber insurance just as the shift to full digital reliance is being made.

Fortunately, there is no better time than the present to consider protecting yourself. CCW Global is able to provide comprehensive cyber insurance options which will protect your organization against the risks developing now, and those which will be developed in the future. Cyber insurance products are flexible and bespoke forms of coverage which are tailored to meet the exact risks your organization faces and give you access to the support you need in a worst-case situation.

While it may be easy to assume and think that the terrors of the internet will never impact you or your business, that would be incredibly naive. The numbers alone prove that, even if by pure chance, you are likely to be the victim of at least one cyber crime in your life. The measures you take now to protect yourself against that risk will determine how much that crime impacts your life.

If you would like to arrange a free, no-risk, no-obligation consultation with an expert cyber insurance broker to discuss how your organization could benefit from more comprehensive digital insurance coverage, please Contact CCW Global today.