When we speak about how individuals can stay safe during COVID-19, we wouldn’t immediately think of cybersecurity, and sextortion would be the last thing on our minds – but that is one way that individuals are being targeted today.
Individuals were targeted by cybercriminals even prior to the outbreak of the coronavirus, but the payoff from attacking a common man, compared to targeting a large business or public institution, was low. That changed once everyone began working from home, because
• Individuals became a conduit to access business data when they were not protected by hardened enterprise IT infrastructure
• Individuals are now spending a lot of their time at home online, which allows the attackers to use their devices to launch attacks(e.g., DDOS) on others
The coronavirus outbreak has meant that there is money to be made by targeting any individual – that’s our new reality. Cyberattacks during COVID-19 have challenged many preconceived notions about online safety, such as believing that only users from major cities are at risk, or that a password provides sufficient protection.
Neither of these is true. K7 Threat Labs has observed that users from Ghaziabad have suffered almost 6 times the number of attacks as users from Bengaluru, and passwords can be described as necessary but not sufficient as they can be guessed or even stolen using a keylogger.
What Gives Cybercriminals an Advantage Over Individuals?
Cyber attackers are often portrayed as criminal masterminds in the movies. In the real world, they may just be buying readymade exploit kits from the dark web and deploying them against unsuspecting and unprepared users. These off-the-shelf malware work because
How Individuals Can Protect Themselves against Cybercriminals
Cybercriminals can unleash very sophisticated attacks against individuals, such as attacks that don’t need specific actions from the user to launch, but that doesn’t mean they have the advantage. Individuals can protect themselves by following a 3 pronged approach: Knowledge, Discipline, Tools.
Once we understand the impact a cyberattack can have on our lives, we can appreciate that learning about cybercriminals’ methods gives us the power to protect ourselves. Once we know about social engineering and how it can be used to gain our trust, we will be able to identify a scam even when the message seems genuine. Similar to physical hygiene, cyber hygiene largely involves following sensible precautions to keep threats at bay.
We all wish we had more discipline – to eat right, exercise more, read a book. Digital discipline is very similar – we know what is good for us, but we find reasons to avoid practising them. Luckily, maintaining digital discipline is a lot easier than sticking to a fitness programme when working from home.
A good craftsman knows which tools to use, which to avoid, and how to get the best out of them. It is the same with cybersecurity. The same digital technology that cybercriminals use against you can also be used to defend yourself against them. Use your technology tools wisely to stay cyber safe.
These steps are fairly simple but users who are not very comfortable with digital devices and services, such as senior citizens, may still find them challenging. Once we understand the Why and how of cyber security, we should help others be cybersafe. Everyone should be able to enjoy cyberspace. No one should be a victim of cybercrime.
- By Mr Sudarsan Ranganathan, President & Chief Strategy Officer, K7 Computing