How Ransomware Is Accelerating in the COVID-19 Era
… the severe acute respiratory syndrome coronavirus 2, or SARS-CoV2 virus, in March. Everybody in Italy was suffering, and everybody around the world wanted answers, any scrap of information there was about the virus, its transmission or its treatment. How many of us could honestly say that, in such a state, we wouldn’t have clicked on that attached document?
Ransomware attacks usually start with a phishing email, and we’re three times as likely to click a COVID-19 phishing link than any other kind. It’s not because they’re more believable, but because we’re less discerning. Fear makes us irrational.
What to Do
Individuals and corporations have the capacity to deal with ransomware in a measured way. When an attack occurs we can at least try to take a breath, consider what data of ours is crucial and what isn’t, figure out whether we have backups, and decide whom we should call for help.
Hospitals usually don’t have this luxury. When two dozen U.S. health care facilities were held for ransom by Russian cybercriminals on Oct. 29, but also in plenty of other cases, the risks to human life made paying off even exorbitant ransoms worthwhile. It’s all part of a vicious cycle, where hospitals continually pay out so hackers repeatedly come back.
What we need now, more than ever before, is to make cybersecurity a forefront issue, to treat it as business-critical and as a public health risk. We should treat our digital workspaces like valuable investments, and give hospital IT networks as much care as the patients that rely on them.
Doing this will be important after the pandemic, but it’s especially urgent right now, because the mere existence of COVID-19 is, itself, a security threat. This pandemic has made us scared and vulnerable, and that’s exactly what our attackers want.
Ayesha Prakash is KELA‘s vice president of global channels, where she incorporates more than 15 years of experience across IT and cybersecurity industries. She has extensive experience driving global business development and marketing efforts in the cybersecurity space, previously holding positions such as head of global channels and partnerships and chief revenue officer at leading cyber intelligence firms. She was awarded a Top Gun 51 designation from Channel Partners Online. Ayesha serves on the board for the cybersecurity program for Pace University, Ithaca College and Rutgers University. She also is active in the Information Systems Audit and Control Association (ISACA), Women in Cyber (WiSys) and the Alliance of Channel Women. You may follow her on LinkedIn or @Intel_by_KELA on Twitter.