a person wearing a mask working on a laptop

COVID-19 is Playing With People’s Emotions and Increasing Their Cybersecurity Risk

2020 hasn’t been an easy year for most of us, and we don’t want it to be any harder than it needs to be!

Due to the sudden and significant increase in time spent online with the continued implementation of remote learning and remote work, some businesses may be left open to attack due to a lack of preparation. With emotions high and as average hours spent online continue to increase, so does our average cybersecurity risk factor—that’s just a numbers game.

Thankfully, there are plenty of opportunities for increased security during these challenging times, as well. Given the significant demand for cybersecurity workers already, it should come as no surprise that these additional factors are exponentially increasing that demand even further! This increase will allow more and more potential cybersecurity professionals to step up to the plate and help fight the ongoing global battle against cybercrime.

Added Security Risk Due to Increased Time Spent Online

When COVID-19 brought life as we knew it to a halt back in March, no one could have foreseen what we had in store for us. Over the course of the past ten months, remote learning and remote work have become a norm for a large swath of society.

Many businesses are concerned with the increased security risk of having their organization so disappeared across digital channels, leading to an increased use of virtual private network (VPN) servers serving as a “lifeline” to both schools and companies, alike, according to Tope Aladenusi of Deloitte.

Aladenusi goes on to say that, “There is a possibility that an [organization’s] unpreparedness will lead to security misconfiguration in VPNs thereby exposing sensitive information on the internet and also exposing the devices to Denial of Service (DoS) attacks.” And that risk is compounded when employees use personal computers or other devices in order to access official information.

From a business standpoint, this is in itself is greatly concerning, but individual remote workers—for which logging in has become the new clocking in—are also at an increased personal risk due to the current reliance on videoconferencing. According to the US Chamber of Commerce, “If nothing else, it gives [cyber criminals] the opportunity to eavesdrop on confidential communications and gather intelligence.” This is a slightly more disturbing concern than the usual Zoom-anxiety of just forgetting you have your camera on during a call.

Exploiting Increased Public Anxiety Due to COVID-19

On a more human note, it’s understandable that anxiety and mental health have come under increased pressure due to the sudden and dramatic change of lifestyle everyone across the globe has experienced over the past year. Even prior to these current challenges, human error was already often the “weakest link in cybersecurity defense,” as quoted from Ed Cabrera, chief cybersecurity officer at Trend Micro.

Cabrera goes on to say that with the addition of COVID-19 “[The current pandemic] definitely provides another opportunity for these groups to scale their social engineering [psychological manipulation] attacks.” He also confirms that his company has absolutely seen a particular increase in COVID-related content that was engineered to prey on people’s emotions or simply their desire to learn about the state of the pandemic. In the first quarter of 2020 alone,  there were roughly one million spam messages sent and almost 50,000 hits on “malicious URLs.”

Cabrera continues, “[Cyber criminals] exploit our trust. The trust we have in the applications we use, the emails that we get. […] What they’ve done is play on the fear and frustration that everybody feels from having been locked down. They are sending phishing emails using topics like rising COVID hotspots in their area [or] increased death rates. Or any information that relates to school openings or COVID testing results.”

What Can We Do?

According to Cyberchology: The Human Element, cybercrime has increased 63% since the COVID-19 lockdown began and human error has been the biggest challenge to counteract that increase.

While almost half of all those surveyed were worried about their stress management during the pandemic, over two-thirds of consumers were additionally worried about their cybersecurity risk. But, unfortunately, those same two-thirds of consumers simultaneously did not know what to do about it.

Here are some quick tips to combatting the increased risk factor of human error to you or your business’s cybersecurity.

  • Use a random password generator (yes, this really makes a difference)
  • Work on your mental health and remain vigilant for cybercriminals attempting to take advantage
  • For businesses, take the time to ensure that your VPN is absolutely secure
  • For businesses, work directly with your security team on methods to mitigate these increased risk factors

Whether you’re a business professional looking to shore up your data security, an everyday user who wants to feel more secure in their online habits, or a potential cybersecurity professional looking to get the lay of the land, it’s important to know that COVID-19 has absolutely changed the cybersecurity game. However, there will always be people like us at C6A standing up for security and protecting people no matter what challenges we may face! When it comes to making it through 2020, it’s good to be cautious, but it’s great to know that you have cybersecurity professionals watching your back!