Smartworking, COVID-19 and the importance of cybersecurity (part 1)

The COVID-19 emergency has seen a significant rise in cyberthreats. Throughout the world, there has been a marked growth in ransomware, fake COVID-19 apps and targeted phishing scams. What threats can we expect in Hong Kong, and how can you best mitigate against them?


Domain name threats in play, too

Domain attacks have also ramped up since the global pandemic commenced, according to cybersecurity company Check Point. More than 16,000 domain names related to COVID-19 have been registered since January, with around 10% of them having malicious motives.


This amounts to almost double the typical number of domain name registrations according to security specialists at Check Point.


Why is it happening?

Because cybercriminals love a vacuum: change and new ways of working can present them with opportunities. A scenario as all-encompassing as the COVID-19 pandemic has not really been anticipated by business, so it is practically impossible to plan for. You can carry out all the cybersecurity due diligence in the world, but it probably would never include a sudden ramping up of millions of people being forced to work from home.


It isn’t surprising that there are many thousands of newly remote workers in Hong Kong who are simply unaware of basic security measures. They are not used to working from home, so why would they be aware of the security requirements around it? As a result, many employees working from home create a new layer of vulnerability through no real fault of their own, by switching on compromised devices and applications. At the same time, many companies are struggling to keep externally-accessed systems secure, and cybercriminals are also becoming increasingly proficient at mimicking emails from health authorities.