Cyber Attack Industry

At some point in time you might have experienced working on an infected computer. A computer with a virus that made it slow and laggy. It is obviously annoying and it can also be scary.

However, not all computer viruses are the same. Some computer viruses are smart - and gentle - enough to work smoothly on your device without causing any performance or annoying issues.

A virus is, of course, a malicious piece of software but we need to think of it as a 'product' developed by professionals who have clear goals. Goals such as money and respect within their community and the aim is often to 'fly under the radar', avoiding detection by not by making someone’s PC slow! Some viruses are deliberately developed to go into a suspended state during high usage to avoid exactly that.

What is happening during Covid-19?

Lots of things are changing out there, in fact almost everything. But how did Covid-19 change cyber attacks specifically?

We can summarise by saying that Covid-19 is 'peak season' for hackers. If viruses, trojans and ransomware are hacker’s products, online interaction is the market. Since Covid-19 most people were forced to work remotely which resulted in a significant enlargement of online traffic, increasing the number of connected devices as well as the number of workers who are perhaps not aware of the increased cyber threats outside of their office environments.

These events led to Microsoft releasing its biggest ever security updates to date, with fixes for more than 100 security vulnerabilities found on its products. Zoom, the popular online meeting software, has garnered huge attention since the beginning of the pandemic as its users soared and so did the security issues.

Zoom decided to revamp its conferencing software from the security perspective, launching the whole new zoom 5.0 version by 1st April, with a rapid deprecation of the usage of earlier versions.

How does it happen?

Attacking is like hunting. The hacker either aims and shoots or installs a trap and waits. The first kind usually works with a well defined target, such as an organisation while the trap works by snaring unaware individuals.

In fact, most attacks target individuals as part of an attack on an organisation, those individuals usually being employees of the target. Often attacks start by sending a link to the prospective victim(s), then waiting for the link to be clicked. Once this happens the attacker gets one step closer to his/her goal.

Clicking a link might not be the end of the story, but it makes things easier for the hacker. When you click on a link this might result in downloading a virus or visiting a malicious page that might download the virus or spy on you to find a way to infect your machine.

How to stay safe?

There are some basic precautions you need to be aware of, such as:

• Don’t click any links unless you are 100% sure of the source and the destination.
• When you click a link, double check the final page you have landed on. Make sure that page’s URL is correct because it is not enough to trust that this is Facebook for example, just because it looks like Facebook.
• Never respond through emails with personal or confidential data. Remember that all personal information is critical for the success of the hacker.
• Frequently logout from your account and log back in again.
• Frequently change your major account passwords.
• Never reuse the same password for major accounts, such as main email, banking account and your social media accounts.
• Finally, enable MFA (Multi Factor Authentication) wherever possible.

Remember, Stay alert and stay safe! Protect yourself and your organisation from attacks.

Ahmed Yossef

Senior Consultant & Trainer