The Jakarta Post

Advancing cybersecurity to counter COVID-19 threats

Organizations should incorporate tactical operations techniques such as “observe, orient, decide and act”.

Tan Wijaya (The Jakarta Post)
Jakarta
Mon, June 7, 2021


COVID-19 has triggered a storm of panic, disruption and widespread technological upheaval that constitutes the perfect breeding ground for cyberattacks. While the world has been hunkering down and staying at home, hackers are busy sniffing out new opportunities and new vulnerabilities.

Since February, when the outbreak went global, there has been a 4,300 percent jump in coronavirus-themed spam, according to a recent study by the Ponemon Institute and IBM. “Cybercriminals are using the coronavirus outbreak to drive their business, with virus-themed sales of malware assets on the dark web and even virus-related discount codes,” the study reports. “They are also rapidly creating domains. COVID-19-related domains are 50 percent more likely to be malicious than other domains registered during the same time period.”

The hidden threat comes from a big increase in the number of phishing attacks masquerading as messages from legitimate organizations, such as email phishing attacks purporting to come from the World Health Organization (WHO). Unavoidably, we have also seen data breaches in Indonesia amid the pandemic as reported in the media.

The concern is that many people forced to work from home lack the secure equipment and protocols that enable digital safety. With newly remote employees accessing corporate networks via personal devices, hackers are probing Wi-Fi configurations and Virtual Private Network (VPN) connections for security vulnerabilities. And as people congregate on cloud-based productivity platforms – both for work and personal reasons – malicious actors are launching schemes to exploit the situation, including hacking into and disrupting live meetings.

The tendency toward ad-hoc decision-making during crises only accelerates the opportunity to leak data or compromise business operations. The potential impacts are more dangerous, too. A distributed denial-of-service (DDoS) attack, for instance, can be far more damaging in an operational environment that is already strained for capacity than one launched when additional capacity is readily available.

However, in an interconnected digital world, one weak link is enough to upset the balance. Most organizations in Indonesia and worldwide are ill-equipped to handle a major cybersecurity incident, much less one that occurs during a global crisis such as a pandemic. The Ponemon study found that 76 percent of companies did not have an incident response plan applied consistently across the organization.

About 25 percent reported not having any crisis response or mitigation plans, or a Cyber Security Incident Response Plan (CSIRP). An effective CSIRP would cover governance and communications practices and define how crisis response would be handled across the firm, including strategy, technology, operations, community and government relations.

During a crisis, executives and members of security teams need to filter available information to quickly make sound decisions. Borrowing principles originally developed by military strategists, organizations should incorporate tactical operations techniques such as “observe, orient, decide and act,” which is known as the “OODA loop”.

The OODA loop encourages iteration. If companies can go through it faster than whatever they’re remediating, they gain an advantage. By accelerating the response, companies can harmonize efforts with the broader team. No decision has to be final. Making small mistakes is often better than taking no action.

So how can you keep your organization safe? The technology you’re using will make a big difference. If your employees are using work-issued laptops or phones, then you’ll have more control over security issues.

An effective CSIRP has three phases that companies can work through:

Phase 1: Align operations
Key actions to take include building the plan and the team, transforming decision making into an agile practice, removing dependencies and extending visibility in all directions, making the plan real and learning from mistakes.

Phase 2: Run the playbook
Key actions to take include accepting that perfection doesn’t exist, staying in the moment, minimizing cognitive loads, leading by example, prioritizing teamwork, not heroism or self-sacrifice, and communicating honestly and transparently.

Phase 3: Invest in new capabilities
Key actions to take include implementing security telemetry and analytics, developing security automation capabilities, consuming and contributing to threat intelligence, prioritizing collaboration and continuous learning and raising security awareness.

Technology fixes can only take you so far, however. In virtually all cases, people are the weakest link in corporate security systems, and that will be especially true as stressed-out employees grapple with health issues, childcare concerns, economic worries or simply the chaos of learning to do their jobs from their sofas instead of their desks. This vulnerability means any effective cybersecurity strategy will need to focus less on technological solutions than on the human factor.

During a crisis, companies need to assume that they’ll have multiple points of failure, both human and technological, and ensure that the organization’s most sensitive information is properly guarded, even if hackers gain access to other parts of the network.

Cybercriminals have already unleashed a new wave of phishing attacks that prey on pandemic-related insecurities by appearing to offer official advice or help. Companies need to proactively warn employees to be on guard against such attacks, and ensure they know how to contact the IT team and report potential problems.

The bottom line is that COVID-19 has put the world on notice. As with any great upheaval, some of the lessons learned can be used to improve future responses. Whether we like it or not, cyberattacks are going to be a significant part of the new post-pandemic world that we all inhabit. During these difficult times, it’s more important than ever for organizations to take cybersecurity seriously, to be on guard against potential breaches and to use every tool at their disposal to keep their data safe. If cybercriminals aren’t sleeping, then businesses can’t afford to be caught napping either.

As COVID-19-related threats escalate on the cyber front, everyone also needs to play their part in taking practical steps to stay safe online. One thing seems certain: the ability to communicate, coordinate and collaborate – as much as the ability to command and control – will win the day.

***

The writer is president director of IBM Indonesia.
