
When Pandemics Go Digital: The Rise of Cyber Viruses Exploiting the Pandemic

As I sit at home during this partially-voluntary quarantine, I am thinking about the ancillary effects of this pandemic. I’m not trying to be an alarmist, but thanks to this social distancing campaign there are valid concerns from a technological and cybersecurity perspective. The challenges we are facing are only just beginning. Unfortunately, it will get worse before it gets better. 




First, I want to share some lessons I’ve already learned from this situation: 

  • We need to keep a few months of toilet paper in stock in the house—so when everyone all over the whole world goes nuts and all decide simultaneously that, for some inexplicable reason, they need half a decade’s worth of toilet paper immediately—we won’t have to worry about running out. Seriously, one of those big Costco packs of toilet paper lasts my family of four nearly a year, yet the demand at Costco was high enough for them to find it necessary to put a limit of 5 per customer! (KHON2 News, 2020). Brawls have literally broken out over this plush and quilted necessity of the modern era. Apparently, some have felt it necessary to protect this most valuable natural resource with law enforcement (see picture below). I went to Costco the other day, and even a week after the initial run on TP, their delivery of pallets of TP ran out in 25 minutes! And by this point they further limited it to one pack per cardholder. 

  • Corona Cerveza, while enjoyable, is not in fact an acceptable vaccine for this disease—I had figured I’d try to fight fire with fire, but I’m told that “that’s not science.” Whatever.

  • Make sure to always have enough earplugs so we can get a little peace and quiet from our little demon spawn, er… I mean lights of our life, when trying to get work done at home.

  • We all need to be more diligent in keeping our business continuity plans updated and tested, and include pandemic as a likely scenario, if it’s not already.

  • Finally, haters gonna hate and hackers gonna hack.



It is the last two I really want to focus on. The cybersecurity field has matured enough in the past few decades that executive leadership in most industries has a much firmer grasp on the necessity of an adequate security program. Many organizations have a contingency/business continuity plan that includes pandemic as a scenario, yet were still caught off-guard by the suddenness and the extent of the social distancing campaign. Helmuth von Moltke the Elder is credited with claiming “No plan of operations extends with certainty beyond the first encounter with the enemy's main strength.” Granted, he was talking about war, but the point remains: when we face an enemy, such as a pandemic, there are many variables for which we cannot always account. For many, this outbreak has tested and stretched the limits of our best planning efforts. Unfortunately, with uncertainty and chaos comes a susceptibility to becoming the victim of malicious intent, be it from organized crime, cyber-vigilantes, state-backed hacking groups, or bored individuals taking advantage of the situation for personal profit and in some cases to be a nuisance.


Some of us are fortunate enough to be able to leverage technology to have at least some continuity in our business operations. However, when such decisive actions are called for, if they have not been pre-planned, they can be implemented in haste. This hasty implementation can easily result in unintended consequences that can leave us vulnerable. I have long espoused the notion that security is only useful insofar as its support to the primary objectives of the business; all the security in the world is useless if it prevents your business from fulfilling its mission. Therefore, the initiation of a business continuity plan necessarily prioritizes getting the business back up and running in some capacity above all else. Unfortunately, this means that security often takes a back seat. If a continuity plan has been well thought out, it’s possible to implement it without introducing vulnerability, but sadly this will not be the case for a lot of organizations. During a crisis such as this, the security team is likely focused on getting things back up and running, and it may not have the luxury of performing risk assessments on every solution. Teleworking solutions need to come out fast and they need to work, potentially at the expense of security.


In order to facilitate the influx of remote users, organizations have to accommodate more traffic than usual. In some cases, users who would not ordinarily be provided with virtual private networking (VPN) access will now require this access, increasing the number of external users. Home PCs used to connect to the VPN may not have basic security protections such as antimalware software, updated patches, reasonable firewall rules, etc. Furthermore, this increase in traffic can have deleterious effects on the bandwidth companies can accommodate. With people working from home while simultaneously trying to take care of their children, we are already potentially less productive than normal. Moreover, we are typically reliant upon our Internet connections (which may be overtaxed due to the kids, bored at home, streaming Netflix or other video services) in order to get work done. Throw in some distributed denial of service (DDoS) attacks and you may be dead in the water. Ensuring that systems are patched, that firewalls are properly configured, and that anti-malware software and definitions are up to date can go a long way in helping to prevent issues.


Additionally, in order to facilitate teleworking communications, it may be necessary to open up entry points into networks that otherwise would not be there. Any time a new communication method is introduced, a network is being exposed to increased risk. Some solutions, such as remote desktop software and protocols like Remote Desktop Protocol (RDP), could expose additional vulnerabilities if not correctly implemented. Also, those programs and protocols tend to be bandwidth-intensive, further burdening networks. Moreover, trust relationships between servers and local workstations can be exploited to permit access to datastores and applications that would otherwise be protected at the perimeter.

A situation like this, wherein we are all focused on other things such as the health of our loved ones, creates the perfect opportunity for mayhem. Unfortunately, there is never a shortage of people with a lack of ethics who are looking for any way to exploit a crisis for their own gain. 

We have already seen a spike in malware and phishing campaigns that are trying to capitalize on this situation. Undoubtedly, these threats are only going to increase in the coming weeks and months. Phishing and social engineering are always a challenge in the information security field, but this is especially problematic when everyone craves more and more information about when their lives will return to normal.


Please remember to be highly suspicious of anything that requests personal health or financial information, asks you to click on a link, has an attachment you are not expecting, or otherwise seems unusual or suspicious. Just because you are paranoid does not mean they are not out to get you. Keep your family safe from the biological virus, but don’t forget to keep your computers and networks safe from digital ones as well.



 

Ryan D. Meglathery, CISSP, MBA is a cybersecurity and privacy leader with over 20 years in the industry. He has held the designation of Certified Information Systems Security Professional (CISSP) since May of 2003. He also holds a Master of Business Administration degree from the University of Virginia's Darden Graduate School of Business. He specializes in cybersecurity and business strategy in the financial, healthcare, hospitality, technology, and manufacturing sectors. He can be reached via his LinkedIn page at Ryan D. Meglathery, MBA.

 

Sources

KHON2 News. (2020, February 27). Residents stock up on emergency supplies amid coronavirus concerns. Retrieved from KHON2: https://www.khon2.com/local-news/residents-stock-up-on-emergency-supplies-amid-coronavirus-concerns/

 

Editor's Note: This article was originally published on LinkedIn in March 2020 during the height of the COVID-19 pandemic. At that time, the world was grappling with unprecedented challenges, and I wanted to shed light on the less-discussed impact of cyber threats during such a global crisis. While the article reflects the context of that moment, the insights remain relevant today as we continue to navigate the evolving landscape of cybersecurity. I’m sharing it here as an example of my work and as a reminder of how intertwined our physical and digital worlds have become.
