By now, many experts agree that repercussions from the coronavirus will hit every organization on some level, no matter how resilient they thought they were.
In fact, cyber security author Raef Meeuwisse has said that “no single event to date has changed the tech threat landscape more than the consequences and impacts developing around the Coronavirus (CoViD-19).” These threats include:
- Manipulation of news events for use in scams
- Shortages of security and technical skills
- Supply chain failures
- A potential increase in hacking attempts
Then there are the business consequences, such as the sudden changes in consumer patterns and potential loss of income. The coronavirus is unmistakably a black swan event that has organizations rapidly having to create continuity plans to cover “what-if” scenarios that were unthinkable just a couple of months ago.
As the coronavirus evolves into a worldwide pandemic, threat actors continue to exploit the disease to spread malware. Cyber security professionals have identified myriad new threats from coronavirus-themed malware attacks and false URLs.
The WHO has even set up a page to warn everyone about the hackers who are using the deadly virus as a tool for scams.
As the coronavirus continues to spread, cyber criminals will likely begin adjusting their campaigns to include employees who may now work from home for an extended period of time to keep the virus from spreading throughout large corporations.
Unfortunately, hacking is not a profession deterred by a quarantine. As a matter of fact, it may be fueled by it. Employees who may be considering malicious activity could be more likely to do it at home, making it harder to detect. They might be motivated to increase the volume of their attempts to breach organizations that are already at a disadvantage from other coronavirus-related factors such as a lack of resources due to illness.
Remote Work Challenges
A remote workforce can make it more difficult for IT staff to monitor and contain threats to network security. When a threat is detected in an office environment, IT can immediately quarantine the device and disconnect it from the network while conducting investigations. If users are working remotely, organizations should ideally ensure that IT and Security team members are easily contactable and maybe even able to physically address a compromise at its source.
Additionally, not all organizations are set up for remote work and rushing to make systems available could leave them improperly secured, ripe with vulnerabilities.
Supply Chain Disruption
There are predictions that the peak of the impact of CoViD-19 on global supply chains will occur in mid-March, forcing thousands of companies to slow down or temporarily shut down assembly and manufacturing plants in the U.S. and Europe.
Moreover, continuing pressure to reduce supply chain costs has caused companies to pursue cost-cutting measures that mean when there is a supply-chain disruption, manufacturing can stop quickly because of a lack of parts. The majority of companies likely have no idea what their risk exposure actually is because very few have full knowledge of the locations of all the companies that provide parts to their direct suppliers.
Organizations should be prepared for a variety of potential interruptions to business as usual as the coronavirus situation and its effects evolve. There will likely be an increase in cyber security vulnerabilities, even for those who consider themselves well protected. It is important for organizations to be armed to the best of their ability to detect and mitigate threats as they occur, especially as more unforeseen risks may continue to develop.