Streamline your cloud experience and maximise your cloud investment with Microsoft Azure-aligned public cloud services.
Host all of your workloads in the most appropriate location while experiencing the simplicity of one cloud from Six Degrees.
Enhance your cyber security and safeguard your organisation with our cyber security strategy and advisory, consultancy, and managed services.
Connect your business through a comprehensive connectivity portfolio delivered via our owned and operated core Next Generation Network (NGN).
Access the smarter, faster technology needed to make the most of your hybrid working future.
Streamline your hosting with comprehensive colocation services delivered from three UK data centres.
Gain clarity and control of your 5G estate, ensuring ongoing cost efficiencies are managed on your behalf through our managed service.
Gain confidence in your cloud direction and achieve accelerated time to value through our assured and optimised cloud services.
Master today’s complex threat landscape and protect your business with our intelligence-led security services.
Videos and webinars are a great way to digest the latest technology insights.
Our eBooks and whitepapers provide in-depth insights from our experts.
Our thought leaders publish regular blogs on up-to-the-minute topics.
Learn all about the latest news from Six Degrees as we continue to evolve.
We host regular in-person and virtual events for our clients.
Learn how we enable our clients to achieve more; providing superior secure solutions, powered by our passionate people.
We are proud to partner with many of the world’s leading vendors, enabling you to leverage our continual investment in difference-making technology.
Learn how CNS at Six Degrees delivers intelligence-led security services that protect organisations in today’s hostile landscape.
We are committed to operating in an environmentally and socially conscious way. Learn more about our commitments as a business.
We are proud of our secure cloud credentials. Learn why we’re one of the most highly accredited providers in the UK.
We are a friendly and passionate bunch here. Whether you want to work with us or for us, we think you’ll enjoy the Six Degrees experience.
Home » Blogs » Coronavirus Cyber Security: Understanding the Developing Threat Landscape
If there’s one thing you can say for cybercriminals, they rarely miss an opportunity. The coronavirus pandemic has offered cybercriminals a myriad of opportunities to exploit victims’ fears and uncertainties, sow seeds of false hope, and persistently cause disarray in the aid of compromising data and making money. We may believe this marks a new low for the cybercriminal community, but those active within it are unlikely to care: their tactics since the beginning of lockdown have been creative, carefully planned, well executed, and highly effective.
How have these tactics developed throughout the course of the lockdown, and how do we expect the coronavirus cyber security threat landscape to look as we begin to transition out of the lockdown and into the new normal? In this blog we will tell you what you need to know.
As nations throughout the world began one-by-one to move to lockdown in the early part of 2020, cybercriminals quickly recognised the opportunity this unprecedented situation presented. The panic and uncertainty nations and their people were experiencing gave cybercriminals the chance to spread misinformation that could be leveraged to launch cyber-attacks.
Cybercriminals did just this, refocusing cyber threat actors to exploit the coronavirus pandemic and the lag time between cyber security management being aware of potential threats and the wider workforce gaining an understanding.
Attacks were creative, and they recognised both the way people communicated and what they were talking about. Viral WhatsApp messages would contain links to infected websites; websites claiming to have up-to-date COVID-19 maps actually held malware payloads; fake grocery delivery websites accepted orders and payments for shipments that never arrived; typo squatting websites popped up to exploit missed keystrokes wherever possible; and smishing (phishing attacks targeted at mobile phones) and mobile malware were rampant as cybercriminals recognised that most of us were searching for information and contacting friends and family using their smartphones. It was like the wild west. Cybercriminals were having a field day launching multiple attacks and seeing what worked – a real cyber threat gold rush.
As nations settled into their lockdowns, cyber-attacks became more targeted and more sophisticated as cybercriminals got to grips with how we worked in the new normal. Cybercriminals recognised that many of us would become bored and restless, and so began to launch cyber-attacks through spurious offers – ‘here’s some free beer! Here’s a free VPN for getting US Netflix!’ – and through malware hidden in pirated movies. They also exploited UK Government aid, with a fake HMRC portal launched as the furlough job retention scheme was announced.
Cybercriminals were also quick to exploit organisations’ dispersed workforces, as less engaged users were more likely to lose concentration and click malicious links which led to first stage compromises that could be exploited in ransomware attacks.
Teleconferencing providers have also been a popular target for cybercriminals, as their use has increased exponentially. Zoom has been a high-profile victim, but it is far from alone – Microsoft Teams has also been targeted by cybercriminals, who have launched cyber-attacks through phishing emails claiming to contain links to missed messages.
As the UK Government announced its lockdown exit plan in mid-May, cybercriminals will have amended their tactics to exploit the transition to the new normal. This is where we find ourselves today – still working from home where possible, potentially growing tired of spending so much time indoors, and likely to jump at the first sign of any good news. Cybercriminals know this and will exploit it – in many ways they will likely repeat their tactics from the beginning of the lockdown, only shifting their focus to fraud around the likes of face masks, lockdown easing methods, and viral messages sent via social media and WhatsApp.
Nobody knows quite how the new normal will look, but it’s fair to assume that agile working will play a much greater part in most of our lives. Cyber security professionals will face a range of challenges, including maintaining a consistent security approach regardless of location; safely reintroducing potentially vulnerable laptops to the corporate network; and handling account management as disgruntled employees hold the potential to wreak havoc if they maintain access to systems.
One thing we can be sure of is that cybercriminals will be quick to exploit any vulnerabilities we present to them. Now more than ever, organisations need to maintain strong, consistent cyber security postures if they are to stay safe from cybercriminals in this constantly developing coronavirus cyber security threat landscape.
Six Degrees delivers managed cyber security and consultancy services that will enable your organisation to minimise its exposure to financial, operational and reputational damage resulting from cyber-attacks.
The Six Degrees Cyber Clinic delivers free cyber security advice and best practice guidance to help your organisation remain secure during this period of uncertainty. If you would like to contact the Cyber Clinic with your questions or concerns, please get in touch.
We are publishing regular Cyber Intelligence Reports that provide details of known cyber threats related to coronavirus that have arisen, along with recommended remediation steps. You can download the latest report here.
The Government has announced its lockdown exit plan, and organisations…
More information on our Privacy and Cookies Policy can be found here: https://www.6dg.co.uk/privacy-cookies/. You can update how we contact you in the future by visiting our Communications Preference Centre here: https://www.6dg.co.uk/preference-centre/.
