
Hackers have stolen a march during the pandemic: It's time to catch up


With the UK economy now in recovery mode, Andy Barratt, UK MD at international cybersecurity consultancy Coalfire, looks at the advantages Covid-19 has afforded hackers, and what businesses need to do to level the playing field.

A large proportion of businesses have had what could lightly be termed a ‘challenging’ 12 months, with Covid-19 restrictions forcing firms to adopt homeworking models or to pause trading altogether.

Operating between the cracks created by this seismic shift in how the business world operates, cybercriminals have been quick to seize on the opportunities presented to them by the pandemic. 

Figures from the Department for Digital, Culture, Media and Sport (DoDCMS) show that two in five (39 percent) firms have experienced a cybersecurity attack or breach during the past 12 months, with malicious actors adapting to the new environment created by the pandemic much faster than businesses.

In fact, in the first 30 days of the first lockdown alone, more than 2,000 new scams relating to Covid-19 were shut down by the National Cyber Security Centre. Examples included cybercriminals sending fake emails purporting to be from video conferencing services Zoom and Microsoft Teams or launching false coronavirus tracker apps that infected devices with malware.

An increase in cyberattacks, just as the world shifted to homeworking, is no coincidence. Not only did this more tech-enabled environment create more attack surfaces for hackers to exploit; for many businesses, it took attention and IT resource away from security. 

Cybercriminals wasted no time in exploiting these chaotic conditions and preyed on the nation’s lockdown anxiety by putting the pandemic at the centre of their offensive scams.

This shift in focus has had a disproportionate effect on businesses with links to government and critical infrastructure. Firms like Bam Construction, Interserve and Elexon were all targeted by attackers looking to take advantage of their connection to large public projects.

Enforced homeworking should soon be behind us but a more flexible relationship with the office, where remote work is more common, is likely here to stay – as will the increased cyber risk created by this more digitally-enabled environment.

As businesses look to offer a more hybrid working arrangement to their employees, they must also ensure that this continued digital transformation coincides with a greater focus on security if we are to reclaim the advantage cybercriminals have gained during the pandemic.

Head in the cloud 

It’s easy to think that implementing proper cybersecurity protocols is primarily about investing in the right technology. While this is vital, in reality, people, culture and education are just as important, and a business needs to see cybersecurity as a constant and evolving part of their operations. 

The majority of the cyberattacks reported to the DoDCMS over the past year involved an employee falling victim to some form of social engineering attack – phishing emails or malicious actors impersonating trustworthy individuals or organizations.

Our own research, which examined data from hundreds of attacks simulated on businesses under real-world conditions, found that people were the single largest vulnerability for most organizations, even prior to Covid-19. This makes educating employees about the cyber threats they face at work, and at home, vital. But a firm’s security strategy must go further than a simple ‘phishing 101’ for staff – a lot of companies require a deeper, cultural shift, particularly in the more digital-first environment that has emerged from Covid-19.

Beyond this are deeper cultural shifts that a lot of companies must undertake. Too often – particularly within large businesses – the mindset is to hide problems from leaders for fear of repercussion, which creates a disconnect between board room and shop floor.

Typically, the faster a breach is detected, the less impact it has on both a business’ bottom line and reputation. So, at a time when businesses are already under intense pressure, it’s essential to foster a supportive culture where individuals can openly ask questions, learn how to spot and avoid cyber threats and, vitally, feel confident that flagging risks won’t adversely affect their careers. 

Many businesses quickly abandoned legacy systems in favor of more cloud-native platforms to facilitate the remote work environment enforced by the pandemic, often without considering whether any additional security measures needed to be implemented alongside them.

No doubt, many businesses took a well-managed ‘cloud first’ approach and have remained resilient to cyber threats as a result. The more malleable digital environment offered by cloud had a lot of advantages for those businesses, enabling them to adopt relatively seamless remote working and scale up and down in line with changing lockdown restrictions. 

But too many others jumped into cloud at the start of the pandemic without really assessing the risks. This can be forgiven considering the unprecedented circumstances firms found themselves in but, as we see Covid measures ease and the global economy start to reboot, now is the time to take stock of those decisions, assess the vulnerabilities rapid cloud adoption created and take the necessary steps to guard against these risks.

Brave new world of work 

Covid-19 has fast-tracked a new era in how many can work but, in doing so, has also created an even bigger attack surface for cybercriminals, who typically have very few legal or budgetary constraints in the world they operate in.

Employees have become used to a more flexible relationship with their employer and turning the clocks back isn’t an option for those businesses. Supporting this shift must include investment in comprehensive cybersecurity infrastructure, carefully managed cloud adoption, and a culture of awareness to the threats we face, wherever we work from.


Andy Barratt, UK managing director, Coalfire

Andy Barratt has almost 20 years’ experience working in IT infrastructure, information security and assurance services and leads Coalfire’s UK and EU operations. He is actively involved in supporting security compliance with a number of technology companies, software suppliers, payment processors, banks, and insurers. Coalfire is a specialist cyber security consultancy headquartered in Denver, Colorado. The UK team is based in Manchester.