“I’m writing to express my strong interest in working for your company,” says an email with the subject-line ‘Applying for a job.’ “Please see my attached CV,” it continues. Prima facie, this letter seems legitimate, like many million others sent these days. After all, unemployment in the country is the highest it has ever been since the Great Depression of the 1930s. But this letter is an example of post-COVID cybercrime that uses malicious CV and medical leave forms to spread banking Trojans and info stealers. When opening the attached file, recipients are asked to “enable content” and when they do, a malicious macro starts running. Once a device is infected, threat actors can use the malware to carry out financial transactions on this same device.
While world governments are easing quarantine measures, cybercriminals are ramping up their malicious activities. “In May, there was a 16% increase in cyber-attacks compared to March-April, when coronavirus was at its peak,” says Check Point Software Technologies Founder and CEO, Gil Shwed. “This was largely due to the increase in malware attacks.”
According to recent reports, high unemployment rates have made individuals more vulnerable to scams and phishing attacks involving relief package payments. Shwed tells us that in May, 250 new domains containing the word “employment” were registered. 7% of these domains were malicious and another 9% suspicious. “We witnessed more than 158,000 coronavirus-related attacks each week.”
The COVID-19 pandemic may be dying down, but the cybercrime pandemic, as described by Shwed, is alive and here to stay. In fact, he warns us that present realities may trigger an increase in cyber threats. At “The New Tomorrow,” an e-summit organized last week by the Israeli-American Council (IAC) and the Peres Center for Peace and Innovation, Shwed warned viewers that “cybersecurity is about to change dramatically. The last three months have advanced technology by five of maybe even ten years,’’ he declared. “Services have moved online in a rapid manner; companies have removed barriers.”
Until recently, companies obliged developers to work at company facilities in the hope of controlling intellectual property. Then came Corona. In literally one day, businesses had to go from one extreme to the other, and allow employees complete access from home.
Based on data that Check Point has gathered so far, it seems that hackers have quickly found ways to hack the personal computers of employees and “through them, get into the Crown Jewels,” he explains.
As we conduct this interview from different continents via zoom, he admits that the new norm brings great dangers. “After years of incessant traveling, I learned that I could work from home,” he admits. “Working remote can even be more productive than traveling and working at the office.” This comfort comes with great risks. “I'm working from my home device on the company's work surface with kids working from their computers as well; in addition, there are phones and other home devices around, which creates multiple potential cybersecurity hazards and risks of infection. It only takes one wrong click.”
While he is confident that most popular sites like Zoom are well secured, the threat is growing and precautions must be taken. “Organizations and businesses should prevent zero-day attacks with the appropriate cyber architecture that blocks deceptive phishing sites and provides alerts on password reuse in real-time.”
The increased use of the cloud leads to an increased level of security, especially in technologies that secure workloads, containers and serverless applications on multi and hybrid cloud environments.
Check Point developed "Infinity", a new tool against the cyber pandemic. It has a holistic cybersecurity architecture that protects software and hardware everywhere, including perimeter cloud, IoT, mobile, endpoint, network, critical infrastructure and in our homes. Through the system's sophisticated zero-day prevention techniques, companies can manage and monitor their risk posture, which can be viewed through real-time shared threat intelligence, from one unified panel, to eliminate any infection blind spot.
In the days ahead, the dangers lurking online should make us alert and cautious. It is not only businesses that should protect themselves and their employees: we should all wear our “virtual masks of protection” online. Shwed warns us to beware of lookalike domains, spelling errors in emails or websites, and unfamiliar email senders. “Be cautious with files received from unknown senders, especially if they prompt a certain action you would not usually do. When shopping online,” he adds, “do not click on promotional links in emails, or special offers. Instead, Google your desired retailer and click the link from the Google results page.”